[PATCH] segment: Fix dangling pointer

Pointer 'lookup_module' which is a field of the structure 'Dwfl' freed at segment.c:88 is not overwritten, but it is usually overwritten after free. Found by RASU JSC. Signed-off-by: Maks Mishin --- libdwfl/segment.c | 1 + 1 file changed, 1 insertion(+) diff --git a

[PATCH] nm: Fix descriptor leak

The descriptor 'dwfl_fd' is created at nm.c:1278 by calling function 'dup' and lost at nm.c:1593. Found by RASU JSC. Signed-off-by: Maks Mishin --- src/nm.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/nm.c b/src/nm.c index 3675f59b..fee397dd 100644 --- a/src

[PATCH] readelf: Fix division by zero in handle a relocation sections

Variable 'sh_entsize', whose possible value set allows a zero value by calling function 'gelf_fsize', is used as a denominator in calculation of 'nentries' variable. Found by RASU JSC. Signed-off-by: Maks Mishin --- src/readelf.c | 18 ++ 1 file c

[PATCH] readelf: Fix deref-of-null in handle_core_item()

Return value of a function 'gelf_getehdr' is dereferenced without checking for NULL, but it is usually checked for this function. Found by RASU JSC. Signed-off-by: Maks Mishin --- src/readelf.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/readelf.c b/src/reade

[PATCH] readelf: Fix deref-of-null in handle_core_item()

Signed-off-by: Maks Mishin --- src/readelf.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/readelf.c b/src/readelf.c index 0e931184..495db13e 100644 --- a/src/readelf.c +++ b/src/readelf.c @@ -12440,6 +12440,13 @@ handle_core_item (Elf *core, const Ebl_Core_Item *item, const

[PATCH] readelf: Fix deref-of-null in dump_archive_index()

Pointer, returned from function 'elf_getarhdr' ar readelf.c:13551, may be NULL and is dereferenced at readelf.c:13553. Found by RASU JCS. Signed-off-by: Maks Mishin --- src/readelf.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/src/readelf.c b/src/readelf.c inde

[PATCH] segment: Fix memory leak in insert()

Dynamic memory, referenced by 'naddr', is allocated at segment.c:66 by calling function 'realloc' and lost at segment.c:92. Found by RASU JSC. Signed-off-by: Maks Mishin --- libdwfl/segment.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libdwfl/segment.c b/lib

[PATCH] segment: Fix memory leak in insert()

Dynamic memory, referenced by 'naddr', is allocated at segment.c:66 by calling function 'realloc' and lost at segment.c:92. Found by RASU JSC. Signed-off-by: Maks Mishin --- libdwfl/segment.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libdwfl/segment.c b/lib

[PATCH] strip: Add check for elf_begin() result

Return value of a function 'elf_begin' is dereferenced at strip.c:1166 without checking for NULL, but it is usually checked for this function. Found by RASU JSC. Signed-off-by: Maks Mishin --- src/strip.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/str

[PATCH] Fix deref-of-null in handle_file_note()

After having been assigned to a NULL value at dwfl_segment_report_module.c:200, pointer 'retval' is dereferenced at dwfl_segment_report_module.c:208 by calling function 'strcmp'. Found by RASU JSC. Signed-off-by: Maks Mishin --- libdwfl/dwfl_segment_report_module.c | 3 ++

[PATCH] size: Fix deref-of-null in handle_ar() function

Pointer, returned from function 'elf_getarhdr' at size.c:362, may be NULL and is dereferenced at size.c:367. Signed-off-by: Maks Mishin --- src/size.c | 10 ++ 1 file changed, 10 insertions(+) diff --git a/src/size.c b/src/size.c index ff8ca075..d6bce203 100644 --- a/src/si

[PATCH] unstrip: Fix deref-of-null in copy_elided_sections()

Pointer `symstrdata` is dereferenced at unstrip.c:1977 without checking for NULL. Signed-off-by: Maks Mishin --- src/unstrip.c | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/unstrip.c b/src/unstrip.c index d70053de..87bd12de 100644 --- a/src/unstrip.c +++ b/src

[PATCH] readelf: Fix memory leak in print_hash_info()

Signed-off-by: Maks Mishin --- src/readelf.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/readelf.c b/src/readelf.c index c945b371..48035264 100644 --- a/src/readelf.c +++ b/src/readelf.c @@ -3597,6 +3597,7 @@ print_hash_info (Ebl *ebl, Elf_Scn *scn, GElf_Shdr *shdr, size_t shstrndx

[PATCH] sparc_attrs: Fix string overflow

A string is copied into the buffer 's' of size 577 without checking its length first at sparc_attrs.c:95. Found by RASU JSC. Signed-off-by: Maks Mishin --- backends/sparc_attrs.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/backends/sparc_attrs.c b/backends/sparc_att

[PATCH] Fix some potential deref-of-null error

strip.c: Pointer `arhdr` created at strip.c:2741 and then dereferenced without NULL-check. The same situation for the `arhdr` pointer at the objdump.c:313 and the `h` pointer at the readelf.c:13545. Triggers found by static analyzer Svace. Signed-off-by: Maks Mishin --- src/objdump.c | 5

[PATCH] elflint: Fix memory leak in check_gnu_hash function

Dynamic memory, referenced by 'collected', is allocated at elflint.c:2235 and lost at elflint.c:2296. Found by RASU JSC with SVACE. Signed-off-by: Maks Mishin --- src/elflint.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/elflint.c b/src/elflint.c index e56e1465..cdc61

Re: [PATCH] elflint: Fix memory leak in check_gnu_hash function

Thanks for the feedback! пт, 20 сент. 2024 г. в 19:07, Aaron Merey : > Hi Maks, > > On Wed, Sep 18, 2024 at 4:58 AM Maks Mishin > wrote: > > > > Dynamic memory, referenced by 'collected', is allocated at elflint.c:2235 > > and lost at elflint.c:22