blob: 52bd925c973c09f2cc4ab7ee9a8e760b1b86ccb2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
From ca3f923f82a079dcf441419f4a50a50f8b4b33c2 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Fri, 17 Apr 2020 10:38:16 +0930
Subject: [PATCH] PR25840, Null pointer dereference in objdump
PR 25840
* debug.c (debug_class_type_samep): Don't segfault on NULL type.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=ca3f923f82a079dcf441419f4a50a50f8b4b33c2]
CVE: CVE-2020-16598
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
binutils/debug.c | 2 ++
1 files changed, 2 insertions(+)
diff --git a/binutils/debug.c b/binutils/debug.c
index 022fa4edffb..5470e155edc 100644
--- a/binutils/debug.c
+++ b/binutils/debug.c
@@ -3277,6 +3277,8 @@ debug_class_type_samep (struct debug_handle *info, struct debug_type_s *t1,
names, since that sometimes fails in the presence of
typedefs and we really don't care. */
if (strcmp (f1->name, f2->name) != 0
+ || f1->type == NULL
+ || f2->type == NULL
|| ! debug_type_samep (info,
debug_get_real_type ((void *) info,
f1->type, NULL),
--
2.27.0
|