[Tinycc-devel] NULL pointer dereference due to unchecked return from fdo
From: John Scott
Subject: [Tinycc-devel] NULL pointer dereference due to unchecked return from fdopen()
Date: Mon, 28 Feb 2022 04:18:20 +0000

Hi all,

I found this bug using the oomify tool at
https://github.com/tavianator/oomify

The problem can be seen at tccelf.c around line 2430 (f has type FILE*):

    f = fdopen(fd, "wb");
    if (s1->verbose)
        printf("<- %s\n", filename);
    #ifdef TCC_TARGET_COFF
    if (s1->output_format == TCC_OUTPUT_FORMAT_COFF)
        tcc_output_coff(s1, f);
    else
    #endif
    if (s1->output_format == TCC_OUTPUT_FORMAT_ELF)
        tcc_output_elf(s1, f, phnum, phdr, file_offset, sec_order);

Note that the return value from fdopen() is not checked if it is NULL.
If the output format is ELF, then tcc_output_elf() expects that f is a
valid FILE* variable and passes it to fwrite(), which causes undefined
behavior.

I don't know how to fix this, but hope that maybe one of you folks will
appreciate this report.
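
A checked version of the fdopen() pattern reported above, as an added example that is not part of the original message and not tcc's code. write_output() and self_test() are hypothetical names, and an invalid descriptor stands in for the allocation failure that oomify injects.

```c
/* Added example, not tcc code: write_output() and self_test() are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Takes ownership of fd. Returns 0 on success, -1 on any failure. */
static int write_output(int fd, const char *name, const void *data, size_t len)
{
    FILE *f = fdopen(fd, "wb");
    if (f == NULL) {
        /* fdopen() can fail (ENOMEM, EBADF, ...); fd is still ours to close. */
        fprintf(stderr, "cannot open '%s': %s\n", name, strerror(errno));
        if (fd >= 0)
            close(fd);
        unlink(name);               /* do not leave a truncated output behind */
        return -1;
    }
    int ok = fwrite(data, 1, len, f) == len;
    /* fclose() flushes, so its result decides whether the data reached the file. */
    if (fclose(f) != 0)
        ok = 0;
    if (!ok) {
        fprintf(stderr, "write to '%s' failed\n", name);
        unlink(name);
        return -1;
    }
    return 0;
}

/* Constructed test: one good descriptor, then an invalid one (-1) as a
 * deterministic stand-in for OOM; glibc rejects it in fdopen() with EBADF. */
static int self_test(void)
{
    char path[] = "/tmp/fdopen-demo-XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    int good = write_output(fd, path, "ELF", 3);
    int bad = write_output(-1, path, "ELF", 3);   /* failure path unlinks path */
    int gone = access(path, F_OK) != 0;
    return (good == 0 && bad == -1 && gone) ? 0 : 1;
}

int main(void) { return self_test(); }
```

On a libc whose fdopen() does not validate the descriptor, the same call fails at the flush in fclose() instead, and the function still returns -1.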