objdump: Handle elf_getarhdr returning NULL in handle_ar

Report of the static analyzer:
Pointer, returned from function 'elf_getarhdr' at objdump.c:314,
may be NULL and is dereferenced at objdump.c:317. (CWE-476, CWE-690)

Corrections explained:
When processing archive elements, the code could dereference a NULL
pointer if 'elf_getarhdr' returns NULL. This patch adds a check to
ensure 'arhdr' is not NULL before using it. The fix ensures that the
function safely handles cases where 'elf_getarhdr' fails, avoiding
potential crashes.

Triggers found by static analyzer Svace.

Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>

diff --git a/src/objdump.c b/src/objdump.c
index 1b38da23266d3f628342d16ce735ab878727234c..1f72eab8d4693c2c7843b6179b2112dc00cdd15a 100644 (file)
--- a/src/objdump.c
+++ b/src/objdump.c
@@ -313,7 +313,8 @@ handle_ar (int fd, Elf *elf, const char *prefix, const char *fname,
       Elf_Arhdr *arhdr = elf_getarhdr (subelf);
 
       /* Skip over the index entries.  */
-      if (strcmp (arhdr->ar_name, "/") != 0
+      if (arhdr != NULL
+         && strcmp (arhdr->ar_name, "/") != 0
          && strcmp (arhdr->ar_name, "//") != 0)
        {
          if (elf_kind (subelf) == ELF_K_ELF)