[Bug libsframe/30956] New: A potential null_pointer_deference bug
From: 23020231154193 at stu dot xmu.edu.cn
Subject: [Bug libsframe/30956] New: A potential null_pointer_deference bug
Date: Tue, 10 Oct 2023 00:39:09 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=30956
Bug ID: 30956
Summary: A potential null_pointer_deference bug
Product: binutils
Version: 2.41
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: libsframe
Assignee: indu.bhagat at oracle dot com
Reporter: 23020231154193 at stu dot xmu.edu.cn
Target Milestone: ---
Hi, I found a potential null pointer dereference bug in
libiberty/cp-demangle.c, and I have shown the execution sequence in an image,
which can be accessed through the link below:
https://github.com/s-cube-xmu/s-cube-xmu.github.io/assets/88568227/a2d967f0-25d4-4590-bd17-2779ac884e22
The red text illustrates the steps that generate the bug, and the file path can
be seen in the blue framed section.
I found that also in file cp-demangle.c, there is a check on variable typed_name
at line 4718 to ensure it's not NULL (shown in image below), which is also an
object of struct demangle_component like op2; you can get more details through
the image link below. I suggest that a check (whether os is NULL) is also
needed in the above case.
https://github.com/s-cube-xmu/s-cube-xmu.github.io/assets/88568227/86597f8a-6c01-4e5d-ae83-fbab43406e7c
Although the code shown is for version 2.32, this potential bug still
exists in the current version. Could you help to check if this bug is true?
Thank you for your effort and patience!