mailing list of musl libc
From: Rich Felker <dalias@aerifal.cx>
To: Maks Mishin <maks.mishinfz@gmail.com>
Cc: musl@lists.openwall.com
Subject: [musl] Re: [PATCH] iconv: Add check null-check for scd pointer
Date: Sun, 24 Mar 2024 15:33:42 -0400
Message-ID: <20240324193341.GE32430@brightrain.aerifal.cx>
In-Reply-To: <20240324192503.16512-1-maks.mishinFZ@gmail.com>

On Sun, Mar 24, 2024 at 10:25:03PM +0300, Maks Mishin wrote:
> After having been assigned to a NULL value at iconv.c:230,
> pointer 'scd' is dereferenced at iconv.c:383.
> 
> Found by RASU JSC.
> 
> Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
> ---
>  src/locale/iconv.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/src/locale/iconv.c b/src/locale/iconv.c
> index 7fb2e1ef..e0d200b8 100644
> --- a/src/locale/iconv.c
> +++ b/src/locale/iconv.c
> @@ -232,6 +232,8 @@ size_t iconv(iconv_t cd, char **restrict in, size_t *restrict inb, char **restri
>  		scd = (void *)cd;
>  		cd = scd->base_cd;
>  	}
> +	if (scd == NULL) return x;
> +
>  	unsigned to = extract_to(cd);
>  	unsigned from = extract_from(cd);
>  	const unsigned char *map = charmaps+from+1;
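
Review bot: The added `if (scd == NULL) return x;` sits directly after the block that assigns scd and before `unsigned to = extract_to(cd);`, so every call that skips that block returns x before any conversion work starts. The commit message places the NULL assignment at iconv.c:230 and the dereference at iconv.c:383; if a guard is needed at all, it belongs at that dereference under the condition that reaches it, not as an unconditional early return here. A reproducer (an input that reaches line 383 with scd still NULL) should accompany any change that alters control flow for all callers.
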
> -- 
> 2.30.2

This makes iconv non-functional for non-stateful conversions. The
claim by the static analysis tool is false. It is not dereferenced in
the code path where it's null because in that code path,
type==ISO2022_JP is never true.

This tool you are using is really junk. You should stop sending
untested and obviously incorrect patches to projects, and advise any
projects that have accepted your patches that they may have been
dangerously incorrect.

Rich
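
The false-positive pattern described in the reply above, as an added example that is not part of the original message and is not musl's code: a constructed miniature in which a pointer stays NULL on one path but is only dereferenced under a type that implies it was set. `convert`, `struct conv`, the type names and the `early_guard` flag are all hypothetical.

```c
#include <stddef.h>

/* Constructed miniature of the pattern; not musl's iconv.c. */
enum conv_type { LATIN_UPPER, SHIFT_STATEFUL };   /* hypothetical types */

struct stateful_cd { enum conv_type base; unsigned state; };
/* Assumed invariant: is_stateful is set exactly when the type is SHIFT_STATEFUL. */
struct conv { int is_stateful; enum conv_type type; struct stateful_cd *s; };

/* Returns bytes written to out. early_guard=1 mimics the proposed check. */
size_t convert(const struct conv *cd, const char *in, size_t n,
               char *out, int early_guard)
{
    struct stateful_cd *scd = NULL;
    enum conv_type type = cd->type;
    size_t written = 0;

    if (cd->is_stateful) {           /* only stateful descriptors set scd */
        scd = cd->s;
        type = scd->base;
    }
    if (early_guard && scd == NULL)  /* the unconditional early return */
        return written;

    for (size_t i = 0; i < n; i++) {
        char c = in[i];
        switch (type) {
        case SHIFT_STATEFUL:
            /* Only dereferences of scd: reachable only when the branch
               above ran, so scd is non-null here by the invariant. */
            if (c == '\x0e') { scd->state = 1; continue; }
            if (c == '\x0f') { scd->state = 0; continue; }
            if (scd->state && c >= 'a' && c <= 'z') c -= 32;
            break;
        case LATIN_UPPER:            /* stateless path never touches scd */
            if (c >= 'a' && c <= 'z') c -= 32;
            break;
        }
        out[written++] = c;
    }
    return written;
}
```

A path-insensitive checker sees "scd may be NULL" and "scd is dereferenced" without correlating the two conditions; the early return silences the report by disabling every stateless conversion.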
