From: Omar Sandoval <osan...@fb.com>

When read_addrs() was converted from a nested function to a normal function, there was a mistake in converting "buffer" from a closure variable to a parameter: we are checking whether the pointer argument is NULL, not whether the buffer itself is NULL. This causes a NULL pointer dereference when we try to use the NULL buffer later.
Fixes: 3bf41d458fb6 ("link_map: Pull read_addrs() into file scope") made
Signed-off-by: Omar Sandoval <osan...@fb.com>
---
 libdwfl/ChangeLog  | 4 ++++
 libdwfl/link_map.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog index fedf65a4..c57c7708 100644 --- a/libdwfl/ChangeLog +++ b/libdwfl/ChangeLog @@ -1,3 +1,7 @@ +2021-06-09 Omar Sandoval <osan...@fb.com> + + * link_map.c (read_addrs): Fix crash. + 2021-04-19 Martin Liska <mli...@suse.cz> * dwfl_frame.c (dwfl_attach_state): Use startswith. diff --git a/libdwfl/link_map.c b/libdwfl/link_map.c index 0d8d1c17..1e7d4502 100644 --- a/libdwfl/link_map.c +++ b/libdwfl/link_map.c @@ -254,7 +254,7 @@ read_addrs (struct memory_closure *closure, Dwfl *dwfl = closure->dwfl; /* Read a new buffer if the old one doesn't cover these words. */ - if (buffer == NULL + if (*buffer == NULL || vaddr < *read_vaddr || vaddr - (*read_vaddr) + nb > *buffer_available) { -- 2.32.0
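Review bot: The corrected test `*buffer == NULL` in the link_map.c hunk is the right fix and is now consistent with the neighbouring terms of the same condition, `vaddr < *read_vaddr` and `... > *buffer_available`, which already dereference the caller's state pointers; the old `buffer == NULL` compared the parameter's address, which is never NULL, so the refill branch was skipped on the first call and the NULL buffer was used afterwards, exactly the crash described in the message. Two minor points: the ChangeLog line "Fix crash" would be more useful as "Fix NULL pointer dereference" to match the description, and since this slipped through the nested-function-to-parameter conversion, a regression test that exercises the read_addrs() refill path (first call with an empty buffer) would help keep this class of pointer-level mistake from recurring.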