Hi Anton,

On Thu, Feb 13, 2025 at 07:52:00PM +0300, Anton Moryakov wrote:
> Static analyzer reported:
> Return value of a function 'gelf_getehdr' is dereferenced at readelf.c:12443
> without checking for NULL, but it is usually checked for this function 
> (53/54).

I can see how a static analyzer thinks this gelf_getehdr call can
fail. But it really cannot in this case. The core Elf was already
checked for ehdr->type == ET_CORE in one of the callers. Or we
wouldn't have gotten here.

What you could do to help the analyzer, and make this code slightly
cleaner, is pass down that ehdr from handle_notes through the various
handle_* functions.

Cheers,

Mark

> Corrections explained:
> - Added a NULL check for the ehdr variable
> 
> Triggers found by static analyzer Svace.
> 
> Signed-off-by: Anton Moryakov <ant.v.morya...@gmail.com>
> ---
>  src/readelf.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/src/readelf.c b/src/readelf.c
> index 6526db07..3bdfb391 100644
> --- a/src/readelf.c
> +++ b/src/readelf.c
> @@ -12440,6 +12440,11 @@ handle_core_item (Elf *core, const Ebl_Core_Item 
> *item, const void *desc,
>            field went into the high half of USEC.  */
>         GElf_Ehdr ehdr_mem;
>         GElf_Ehdr *ehdr = gelf_getehdr (core, &ehdr_mem);
> +       if (unlikely(ehdr == NULL))
> +       {
> +             fprintf(stderr, "Failed to get ELF header\n");
> +             return;
> +       }
>         if (likely (ehdr->e_ident[EI_DATA] == ELFDATA2MSB))
>           usec >>= 32;
>         else
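Review bot: the NULL check inserted after `GElf_Ehdr *ehdr = gelf_getehdr (core, &ehdr_mem);` guards a failure that the callers have already ruled out (the core Elf was checked for ET_CORE before handle_core_item is reached), so the new branch is dead code and the `fprintf(stderr, "Failed to get ELF header\n")` would never fire; it also silently `return`s from the middle of note handling without reporting anything to the caller. The cleaner change that also satisfies the analyzer is to fetch the ehdr once in handle_notes and pass it down through the handle_* functions as a parameter, dropping the gelf_getehdr call here altogether. Minor style point: the surrounding code writes `likely (...)` with a space before the parenthesis, while the added line uses `unlikely(ehdr == NULL)`.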
> -- 
> 2.30.2
> 