diff mbox series

macho null dereference read

Message ID ZAXSk4uW7BEA153b@squeak.grove.modra.org
State Repeat Merge
Headers
Series macho null dereference read |

Checks

Context Check Description
snail/binutils-gdb-check warning Git am fail log

Commit Message

Alan Modra March 6, 2023, 11:46 a.m. UTC 
  The main problem here was not returning -1 from canonicalize_symtab on
an error, leaving the vector of relocs only partly initialised and one
with a null sym_ptr_ptr.

	* mach-o.c (bfd_mach_o_canonicalize_symtab): Return -1 on error,
	not 0.
	(bfd_mach_o_pre_canonicalize_one_reloc): Init sym_ptr_ptr to
	undefined section sym.
diff mbox series

Patch

diff --git a/bfd/mach-o.c b/bfd/mach-o.c
index a910e1146ea..0a91095a5d6 100644
--- a/bfd/mach-o.c
+++ b/bfd/mach-o.c
@@ -919,7 +919,7 @@  bfd_mach_o_canonicalize_symtab (bfd *abfd, asymbol **alocation)
     {
       _bfd_error_handler
 	(_("bfd_mach_o_canonicalize_symtab: unable to load symbols"));
-      return 0;
+      return -1;
     }
 
   BFD_ASSERT (sym->symbols != NULL);
@@ -1554,7 +1554,7 @@  bfd_mach_o_pre_canonicalize_one_reloc (bfd *abfd,
   bfd_vma addr;
 
   addr = bfd_get_32 (abfd, raw->r_address);
-  res->sym_ptr_ptr = NULL;
+  res->sym_ptr_ptr = bfd_und_section_ptr->symbol_ptr_ptr;
   res->addend = 0;
 
   if (addr & BFD_MACH_O_SR_SCATTERED)
@@ -1572,7 +1572,7 @@  bfd_mach_o_pre_canonicalize_one_reloc (bfd *abfd,
 	 end of the data for the section (e.g. in a calculation of section
 	 data length).  At present, the symbol will end up associated with
 	 the following section or, if it falls within alignment padding, as
-	 null - which will assert later.  */
+	 the undefined section symbol.  */
       for (j = 0; j < mdata->nsects; j++)
 	{
 	  bfd_mach_o_section *sect = mdata->sections[j];