Closed
Bug 1388893
Opened 7 years ago
Closed 7 years ago
Elfhack potential nullptr access
Categories
(Firefox Build System :: General, enhancement)
Firefox Build System
General
Tracking
(firefox57 fixed)
RESOLVED
FIXED
mozilla57
Tracking | Status | |
---|---|---|
firefox57 | --- | fixed |
People
(Reporter: esawin, Assigned: esawin)
References
Details
Attachments
(1 file)
689 bytes,
patch
|
glandium
:
review+
|
Details | Diff | Splinter Review |
Coverity Scan has picked up the following defect: *** CID 162741: (FORWARD_NULL) /build/unix/elfhack/elfhack.cpp: 757 in do_relocation_section<Elf_Rela>(Elf *, unsigned int, unsigned int, bool, bool)() 751 section->rels.assign(new_rels.begin(), new_rels.end()); 752 section->shrink(new_rels.size() * section->getEntSize()); 753 754 ElfRelHackCode_Section *relhackcode = new ElfRelHackCode_Section(relhackcode_section, *elf, *relhack, original_init, mprotect_cb); 755 // Find the first executable section, and insert the relhack code before 756 // that. The relhack data is inserted between .rel.dyn and .rel.plt. >>> CID 162741: (FORWARD_NULL) >>> Assigning: "first_executable" = "NULL". 757 ElfSection *first_executable = nullptr; 758 for (ElfSection *s = elf->getSection(1); s != nullptr; 759 s = s->getNext()) { 760 if (s->getFlags() & SHF_EXECINSTR) { 761 first_executable = s; 762 break; /build/unix/elfhack/elfhack.cpp: 757 in do_relocation_section<Elf_Rel>(Elf *, unsigned int, unsigned int, bool, bool)() 751 section->rels.assign(new_rels.begin(), new_rels.end()); 752 section->shrink(new_rels.size() * section->getEntSize()); 753 754 ElfRelHackCode_Section *relhackcode = new ElfRelHackCode_Section(relhackcode_section, *elf, *relhack, original_init, mprotect_cb); 755 // Find the first executable section, and insert the relhack code before 756 // that. The relhack data is inserted between .rel.dyn and .rel.plt. >>> CID 162741: (FORWARD_NULL) >>> Assigning: "first_executable" = "NULL". 757 ElfSection *first_executable = nullptr; 758 for (ElfSection *s = elf->getSection(1); s != nullptr; 759 s = s->getNext()) { 760 if (s->getFlags() & SHF_EXECINSTR) { 761 first_executable = s; 762 break;
Assignee | ||
Comment 1•7 years ago
|
||
Attachment #8895559 -
Flags: review?(mh+mozilla)
Updated•7 years ago
|
Attachment #8895559 -
Flags: review?(mh+mozilla) → review+
Pushed by esawin@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/f6d10bc8c36c [1.0] Abort code insertion if executable section was not found. r=glandium
Comment 3•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/f6d10bc8c36c
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
Updated•6 years ago
|
Product: Core → Firefox Build System
You need to log in
before you can comment on or make changes to this bug.
Description
•