[Tinycc-devel] NULL pointer dereference due to unchecked return from fdopen()

From: John Scott
Subject: [Tinycc-devel] NULL pointer dereference due to unchecked return from fdopen()
Date: Mon, 28 Feb 2022 04:18:20 +0000

Hi all,

I found this bug using the oomify tool at
https://github.com/tavianator/oomify

The problem can be seen at tccelf.c around line 2430 (f has type FILE*):
        f = fdopen(fd, "wb");
        if (s1->verbose)
                printf("<- %s\n", filename);

#ifdef TCC_TARGET_COFF
        if (s1->output_format == TCC_OUTPUT_FORMAT_COFF)
                tcc_output_coff(s1, f);
        else
#endif
        if (s1->output_format == TCC_OUTPUT_FORMAT_ELF)
                tcc_output_elf(s1, f, phnum, phdr, file_offset, sec_order);

Note that the return value from fdopen() is not checked if it is NULL.
If the output format is ELF, then tcc_output_elf() expects that f is a
valid FILE* variable and passes it to fwrite(), which causes undefined
behavior.

I don't know how to fix this, but hope that maybe one of you folks will
appreciate this report.
