On 26.02.2016 17:28, Christos Zoulas wrote:
> Module Name: src
> Committed By: christos
> Date: Fri Feb 26 16:28:14 UTC 2016
>
> Modified Files:
> src/external/gpl3/gdb/dist/bfd: merge.c
>
> Log Message:
> CID 420802: Avoid NULL deref.
>
>
> To generate a diff of this commit:
> cvs rdiff -u -r1.1.1.4 -r1.2 src/external/gpl3/gdb/dist/bfd/merge.c
>
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
>
>
> Modified files:
>
> Index: src/external/gpl3/gdb/dist/bfd/merge.c
> diff -u src/external/gpl3/gdb/dist/bfd/merge.c:1.1.1.4 src/external/gpl3/gdb/dist/bfd/merge.c:1.2
> --- src/external/gpl3/gdb/dist/bfd/merge.c:1.1.1.4 Tue Feb 2 22:00:11 2016
> +++ src/external/gpl3/gdb/dist/bfd/merge.c Fri Feb 26 11:28:14 2016
> @@ -334,7 +334,7 @@ sec_merge_emit (bfd *abfd, struct sec_me
>
> /* Trailing alignment needed? */
> off = sec->size - off;
> - if (off != 0)
> + if (pad != NULL && off != 0)
> {
> if (contents)
> memcpy (contents + offset, pad, off);
>
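Review bot: The added pad != NULL test on the "if (off != 0)" line turns a NULL pad into a silent skip of the trailing-alignment block, so when off is non-zero the padding bytes are simply not written and no failure is reported. If pad can really be NULL at this point, the function should fail there rather than skip the padding; if it cannot, the test is dead code that obscures the invariant. The hunk does not show where pad is assigned, so the log message should name the path on which CID 420802 expects pad to be NULL.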
It looks to me like a false positive.
pad is checked just after bfd_zmalloc():

    pad = (char *) bfd_zmalloc (pad_len);
    if (pad == NULL)
      return FALSE;

If I am not overlooking something, I will drop this local patch as not
upstreamable.