libelf: Check for NULL shdr in elf_strptr.

GCC10 -fanalyzer with -flto notices __elf64_getshdr_rdlock can fail
and because the result isn't checked in elf_strptr it can cause a
dereference of NULL.

Signed-off-by: Mark Wielaard <mark@klomp.org>

diff --git a/libelf/ChangeLog b/libelf/ChangeLog
index fcea8aa90d51fe59cf2486e407893d913072b080..fd5518dc44e6c66c93eeec6dfc71eec2aacab845 100644 (file)
--- a/libelf/ChangeLog
+++ b/libelf/ChangeLog
@@ -1,3 +1,7 @@
+2020-05-08  Mark Wielaard  <mark@klomp.org>
+
+       * elf_strptr.c (elf_strptr): Check shdr is not NULL.
+
 2020-05-08  Mark Wielaard  <mark@klomp.org>
 
        * elf_getdata.c (__libelf_set_rawdata_wrlock): Check

diff --git a/libelf/elf_strptr.c b/libelf/elf_strptr.c
index e72a3a369e1a3dfab2e6fcf3247326b1fb0f3060..c727170748208aa0b9bdd8ddb31d58cb4bb27914 100644 (file)
--- a/libelf/elf_strptr.c
+++ b/libelf/elf_strptr.c
@@ -145,7 +145,7 @@ elf_strptr (Elf *elf, size_t idx, size_t offset)
   else
     {
       Elf64_Shdr *shdr = strscn->shdr.e64 ?: __elf64_getshdr_rdlock (strscn);
-      if (unlikely (shdr->sh_type != SHT_STRTAB))
+      if (unlikely (shdr == NULL || shdr->sh_type != SHT_STRTAB))
        {
          /* This is no string section.  */
          __libelf_seterrno (ELF_E_INVALID_SECTION);