Hi,
Benjamin Baier wrote on Sat, Mar 02, 2019 at 10:10:40AM +0100:
> On malloc error symtab is unmapped, so proceeding on will lead
> to a NULL pointer dereference.
> When malloc fails we should return like the MMAP case does.
Committed.
Thanks for the patch (and to those who checked it).
Ingo
> Index: nm.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/nm/nm.c,v
> retrieving revision 1.53
> diff -u -p -u -C10 -r1.53 nm.c
> *** nm.c 27 Oct 2017 16:47:08 -0000 1.53
> --- nm.c 20 Feb 2019 17:34:01 -0000
> *************** show_symtab(off_t off, u_long len, const
> *** 374,393 ****
> --- 374,394 ----
> restore = ftello(fp);
>
> MMAP(symtab, len, PROT_READ, MAP_PRIVATE|MAP_FILE, fileno(fp), off);
> if (symtab == MAP_FAILED)
> return (1);
>
> namelen = sizeof(ar_head.ar_name);
> if ((p = malloc(sizeof(ar_head.ar_name))) == NULL) {
> warn("%s: malloc", name);
> MUNMAP(symtab, len);
> + return (1);
> }
>
> printf("\nArchive index:\n");
> num = betoh32(*symtab);
> strtab = (char *)(symtab + num + 1);
> for (ps = symtab + 1; num--; ps++, strtab += strlen(strtab) + 1) {
> if (fseeko(fp, betoh32(*ps), SEEK_SET)) {
> warn("%s: fseeko", name);
> rval = 1;
> break;
>
