[PATCH] segment: Fix dangling pointer

Maks Mishin Thu, 28 Mar 2024 13:29:36 -0700

Pointer 'lookup_module' which is a field of the structure 'Dwfl'
freed at segment.c:88 is not overwritten, but it is usually overwritten
after free.


Found by RASU JSC.

Signed-off-by: Maks Mishin <maks.mishi...@gmail.com>
---
 libdwfl/segment.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libdwfl/segment.c b/libdwfl/segment.c
index f6a3e84e..af76f2f8 100644
--- a/libdwfl/segment.c
+++ b/libdwfl/segment.c
@@ -86,6 +86,7 @@ insert (Dwfl *dwfl, size_t i, GElf_Addr start, GElf_Addr end, 
int segndx)
          if (unlikely (dwfl->lookup_module == NULL))
            {
              free (old);
+             old = NULL;
              return true;
            }
        }
-- 
2.30.2

[PATCH] segment: Fix dangling pointer

Reply via email to