Commit: Fix seg-fault disassembling EFI files

Message ID 87r2bkbajk.fsf@redhat.com
State New

Commit Message

Nick Clifton March 6, 2019, 9:46 a.m.
Hi Guys,

  I am checking in the attached patch to fix an access through a NULL
  pointer triggered by attempting to disassemble an EFI file with source
  included.  This was reported on the Fedora bugzilla system here:
  
https://bugzilla.redhat.com/show_bug.cgi?id=1685727

Cheers
  Nick

bfd/ChangeLog
2019-03-06  Nick Clifton  <nickc@redhat.com>

	* dwarf2.c (_bfd_dwarf2_find_symbol_bias): Check for a NULL symbol
	table pointer.
	* coffgen.c (coff_find_nearest_line_with_names): Do not call
	_bfd_dwarf2_find_symbol_bias if there is no symbol table available.

Patch

diff --git a/bfd/coffgen.c b/bfd/coffgen.c
index 309e1249ac..5f5c5f67a4 100644
--- a/bfd/coffgen.c
+++ b/bfd/coffgen.c
@@ -2294,7 +2294,7 @@  coff_find_nearest_line_with_names (bfd *abfd,
      information.  So try again, using a bias against the address sought.  */
   if (coff_data (abfd)->dwarf2_find_line_info != NULL)
     {
-      bfd_signed_vma bias;
+      bfd_signed_vma bias = 0;
 
       /* Create a cache of the result for the next call.  */
       if (sec_data == NULL && section->owner == abfd)
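Review bot: the `bias = 0` initialiser on the changed line is what keeps `bias` defined on the new path where no symbol table is available; without it the variable would be read uninitialised later in this function once the `else` below becomes conditional. Worth a one-line comment next to the declaration saying that zero means "no bias known" so a future cleanup does not drop the initialiser as redundant.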
@@ -2306,10 +2306,11 @@  coff_find_nearest_line_with_names (bfd *abfd,
 
       if (sec_data != NULL && sec_data->saved_bias)
 	bias = sec_data->saved_bias;
-      else
+      else if (symbols)
 	{
 	  bias = _bfd_dwarf2_find_symbol_bias (symbols,
 					       & coff_data (abfd)->dwarf2_find_line_info);
+
 	  if (sec_data)
 	    {
 	      sec_data->saved_bias = TRUE;
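Review bot: with `else if (symbols)`, a NULL `symbols` now skips both the `_bfd_dwarf2_find_symbol_bias` call and the `if (sec_data)` caching block, so `sec_data->saved_bias` is never set in that case and the check is repeated on every call; that is harmless given `bias` stays 0, but a short comment explaining why `symbols` can be NULL here (the EFI-with-source case from the bug report) would make the intent clear. The lone added blank line before `if (sec_data)` is a style-only change and could be dropped to keep the diff minimal.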
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index 0b4e485582..56557bbc81 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -4472,7 +4472,7 @@  _bfd_dwarf2_find_symbol_bias (asymbol ** symbols, void ** pinfo)
 
   stash = (struct dwarf2_debug *) *pinfo;
 
-  if (stash == NULL)
+  if (stash == NULL || symbols == NULL)
     return 0;
 
   for (unit = stash->all_comp_units; unit; unit = unit->next_unit)
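Review bot: adding `symbols == NULL` to the early return is the right defensive layer, since it protects every caller rather than only the coffgen.c path fixed above; a crafted input that leaves the symbol table empty then yields a bias of 0 instead of a NULL dereference. The function's header comment should state that a NULL `symbols` is accepted and reported as no bias, so callers can rely on it.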