From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS22989 209.51.188.0/24 X-Spam-Status: No, score=-4.0 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id B99851F8C6 for ; Mon, 21 Jun 2021 09:33:45 +0000 (UTC) Received: from localhost ([::1]:46550 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lvGJM-0006cr-GN for normalperson@yhbt.net; Mon, 21 Jun 2021 05:33:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:58280) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lvGIt-0005k6-Bz for bug-gnulib@gnu.org; Mon, 21 Jun 2021 05:33:15 -0400 Received: from mx0b-00069f02.pphosted.com ([205.220.177.32]:64698) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lvGIp-0007Mp-QO for bug-gnulib@gnu.org; Mon, 21 Jun 2021 05:33:14 -0400 Received: from pps.filterd (m0246630.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 15L9VH3n028340; Mon, 21 Jun 2021 09:33:05 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : subject : in-reply-to : references : date : message-id : content-type : mime-version; s=corp-2020-01-29; bh=kVi2gXSNtPlBmCdKAemGikYmw/alPZ9SYh7DHH2IqIo=; b=RX3Jd8CHywOroydQIo291Co3o/AiMvCWn6ZvwJi40+98goPEtoLLxbOcBBpVkOP97G3X npI+io5LvWJRrG2wRHHn0hVVxWPMQEVLH3A5x/2lmHu/CwvrZ3X5noOKIxu9dvodkTED SlqHdY+Ei8rPFdW1QImyfyoISrcSjtAnySkjkZqGCLvqwSXj5RUP1jBPc07zUXpfI7e0 566hN4fwPyUwFXKdQqVxqItuGBGjJuyYx4Ud4uznyd8td7aqyxyFkQoJd/Uw0oQrQeom +qTpYHKKTEq/RzyB3RPcZNBYfXKdTmM4Si90+cA9MC41Fg6U9wPa9LcpaWbDyrhx3J9z WA== Received: from aserp3020.oracle.com (aserp3020.oracle.com [141.146.126.70]) by mx0b-00069f02.pphosted.com with ESMTP id 39ap66gade-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 21 Jun 2021 09:33:04 +0000 Received: from pps.filterd (aserp3020.oracle.com [127.0.0.1]) by aserp3020.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 15L9VOmk149719; Mon, 21 Jun 2021 09:33:04 GMT Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2109.outbound.protection.outlook.com [104.47.58.109]) by aserp3020.oracle.com with ESMTP id 3998d5j68j-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 21 Jun 2021 09:33:03 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=V+Mz/Pt8xqCzcg4m2kq+1zi13igwKpCnebtr2nzSobTV+50BGGQ0IoWKvHebDjvTLe8CdoNsDnZs9j3fKEhmtv0QsNryaKQyYup0UwIiMpguRaFi0crlrCxNr+vtFNgeAGDkbiM46gsNwc9kbjh6GOm5ZnU4BeoFUy1A8DGOpBTh5LPUD8KIiCACFfqiweGY/yW+C6ohl0JIaXDs9/iLhqYzkdGqfTJFyUxdcrRAVq0Ha4aLuCwbV2r4VoqQSXNHk1DNIU2f6rlbF0S0WslR4XY+yS28kSYxkiFbkV8oXWQS+VZ9gcJdHqlNq7AfF3fV13lwqy/HYxTls0kbLuhG2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kVi2gXSNtPlBmCdKAemGikYmw/alPZ9SYh7DHH2IqIo=; b=nDEWXG8wZyX+fZro9ENlQmvlILEIeMq/u0vHxythr7+w3013tVIQOq+oqHAO3cZX9sF+IIcXpwJ8eQHbFVMKCDinTfKUHD9N9oV93Ff4cpDjzf43kp2n2Z859w4xB7zm02YFPVXwSc9Y4gXcUWO0PodkUQ845kXLJvBPFvRQU9xhKsY/cjSUt+qLfOGGFB4mXJuGcpvw9LDOrw6PiC16joC2oL+PDvsGUyKpgKNCdl4iD69K7u3YrMvk5mD0qYK3/m+fJ1fUFzPzipEDiMKVQS807U/xZExMlF0v2P4Ft62FTPfIjZy8gZ9usOr207tyekdTfAk8X7t1e+8QWr5rrw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kVi2gXSNtPlBmCdKAemGikYmw/alPZ9SYh7DHH2IqIo=; b=jcJSD2E1TBEmjSbl5/J1cCpaOOMuszjZHA56fpVM4XfZCI3BotT5v09Z4NBeom/+mSfFGIQTaaraGMckV84GPlIKu98OFAx5EHOImdiBFnzQvXRbqQqL6HEFcSEqIqhX8+SpeIDvm2Mlz3qaHnRrQkMBghB7aUR9QITup0KIZWU= Authentication-Results: clisp.org; dkim=none (message not signed) header.d=none;clisp.org; dmarc=none action=none header.from=oracle.com; Received: from BLAPR10MB5138.namprd10.prod.outlook.com (2603:10b6:208:322::8) by MN2PR10MB4079.namprd10.prod.outlook.com (2603:10b6:208:1b9::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4242.19; Mon, 21 Jun 2021 09:33:02 +0000 Received: from BLAPR10MB5138.namprd10.prod.outlook.com ([fe80::1539:60e1:df69:3676]) by BLAPR10MB5138.namprd10.prod.outlook.com ([fe80::1539:60e1:df69:3676%9]) with mapi id 15.20.4242.023; Mon, 21 Jun 2021 09:33:02 +0000 From: Darren Kenny To: Bruno Haible , bug-gnulib@gnu.org Subject: Re: [PATCH 2/3] lib/argp-help: Fix possible dereference of a NULL state In-Reply-To: <2605779.ugxd0eSEJy@omega> References: <85c9172a3ccf9909f244993b3b02416783880da8.1624030621.git.darren.kenny@oracle.com> <2605779.ugxd0eSEJy@omega> Date: Mon, 21 Jun 2021 10:32:57 +0100 Message-ID: Content-Type: text/plain X-Originating-IP: [79.97.215.145] X-ClientProxiedBy: DB6PR0601CA0006.eurprd06.prod.outlook.com (2603:10a6:4:7b::16) To BLAPR10MB5138.namprd10.prod.outlook.com (2603:10b6:208:322::8) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from oracle.com (79.97.215.145) by DB6PR0601CA0006.eurprd06.prod.outlook.com (2603:10a6:4:7b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4242.16 via Frontend Transport; Mon, 21 Jun 2021 09:33:01 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: b92295bc-c26c-4df2-8dac-08d93497906a X-MS-TrafficTypeDiagnostic: MN2PR10MB4079: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1360; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 1D+MAHFneRb68wA56+EbLWUtkV558Nwnex+LZKEOC6JCMRvseI3eXI4hK8sFAuPaV34bWJH2TC1D7HrZEuCR/Q35GZ/pl9Uchu+/dy/oiW81v89Aas6YcDyTsWA+o15Tz0jUTUpuyhGlqj52P1RlU4yinvFZSgtdFFvIWT78GTaLtHUoCCy8cu2YciVvI12piDpzLntlw+bCVRb+JhDGm0tp9HansuoGCuQDBqJYYMiZXlfJGxjMSNuDGyKgXEjcqouanzLwlBuNF2sx+UC0apvOtoxgwv2BNUs+Xb9mDyxvHp1lNs6ms2VSKrjyMLPxRzllgTgdBVj3gVD+urZ4Q7rpCVkjfvZfEKRT+ZsIgJGZ4+tYdaTPDT463a+hNBqLdVOIukLacVtVorkrNyFFQ+qnbXfuwySYvdm0G9rzTu/7B4GbfTIFx38xk5R5jnMds6ul5pDBAXxU37aKm1/Mj+TkzwhlAeJsquZ5Gj7aRetWuG6klF77Nx9tk1QPlRl8nvBwqn3z3pIqK29LVjMxPs0a42QV+FQaeU2rp0eo0LVTFMKksQWBBH3hS3ZmF6sNcVWnakfQaZ1GszrIQXlVZDiNs4Sh8Jbdf8lo3DrZjDpFoAbbopvJORPy8ylS06EYoHIKr0ccfyzGv1O+1VAuc0Wh0dJCT4VBBIuT6gqe7tVU9OgUduMD9SF7Cf9fDtlYcI68mx8KqBqsiDXWl0L5qcL8egBCj/2KYoAnUYRj5pW97fgqow8bvmUyVxh2VJFZzNxEBlN5L/mJ4yUpvFpn/Q== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BLAPR10MB5138.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(346002)(39860400002)(136003)(396003)(376002)(6666004)(38100700002)(38350700002)(8936002)(2616005)(83380400001)(186003)(66946007)(16526019)(55016002)(26005)(66476007)(2906002)(66556008)(478600001)(8676002)(7696005)(8886007)(86362001)(956004)(44832011)(36756003)(5660300002)(52116002)(316002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Pa0xgMYUdAH9Dppz2xoQWpetvV4tsUPtBdmGZ99XOO/ymJ8QCoThjHCNuHgR?= =?us-ascii?Q?8CVS0YCerBhd/cvkplauK4j1/WR9hU0mfIduINBzx/xeO0j+Clg2xrnojGrO?= =?us-ascii?Q?Fcy39KbEABILTozzTYgIR225KbNnpi0lSpmlHnHo7s1yUiSh1jYUN+6yPaZF?= =?us-ascii?Q?i15djscDLvSCBmwPPb2whY1DLKyPvl/fa9tkUnktAYmwu+ICJ59fbWi7dX7N?= =?us-ascii?Q?gIFC7OUSU6/ftLPjSRPEZKC918DFRGwuhWYOzq7My6GXFr/ArlVJYLF/8UjV?= =?us-ascii?Q?KFhTCg51cTC0lAmINqMCAUnldXHpcUtT2gXBsp70TfaynU1wncEVJfNQedOr?= =?us-ascii?Q?d2gbR9QuisE8AhqPXS7+tEfs+LQMx5y+b2v/KV6Tj5KvsnFKfQOvIpQQMXOq?= =?us-ascii?Q?gpQ99EPxy9FiNYNe0E/6WNcf04UM4M4MSRrmPjHeRbm4s1kzofZrSEjRDQ3B?= =?us-ascii?Q?buhog2ZEoCguHEgWGuh++IO4+AHk77Lb8C5IJg606fsLxdWiH0tzjqUUyZ5O?= =?us-ascii?Q?ETHD1CP8cPSCZtUCihWVXvBMUdJoveScp1dHlb1Xxl+CjkATmX9kK5f2NxNV?= =?us-ascii?Q?zaLanFZcTcONzrsyaoPMm2iXwEm5UVXQo76Ujyf0qO2+KEYPW1zRjhwergpB?= =?us-ascii?Q?ORWGaeJ/F3UyIhwt8GKP7EgHYp5/jPZ8IR1fteu4SwwK6964Yz9j1CJTKgQV?= =?us-ascii?Q?AaEgKQb86hWuqj0kgdIO7r5Us0rXPWUlYMUsTdEsu2WtawR+dYIQLsORxPT+?= =?us-ascii?Q?PhnBjeM6GrJumQ118AecERTXrUFZ0L3N1K3xDym2M1bQm3QgxSrvkkhHwt45?= =?us-ascii?Q?Y9sCBLWWWKmK6Dj2RPans9NcZ/Cb1pQIwaV4Pqa5phLPXRCf77zMJJda6m4b?= =?us-ascii?Q?Lx3eSFWhfqRA2FFECpH+8BlwrQ4+cYtCsOLlQ7SSNIrq9gg6r6vbKVGiuK1q?= =?us-ascii?Q?o+WqHISNZaGgpjGNOEDKA9u7tZ9Lg2XH9tKwSvfNUhreWpUSb+MGQFAwoIEN?= =?us-ascii?Q?n1pj93hx416tFcUlO8FvaO3h11CEosSYJqZ831mRPYyV3dTkrWgAC8IYa/TE?= =?us-ascii?Q?/j/SMgyo3d/9dMklC10ApEYgVqId+6SBlSGCtC1ohRcVM73uP7SGVbDplmDn?= =?us-ascii?Q?znmSKRdqwtZfu1ttIq5cpooCLL10lC6x1kceuZCAMOD9xFSCeC/Re0SMWwbs?= =?us-ascii?Q?IqfRqQHEWZ0ElZaimQF2753E5DCcbA3EZiWyAEUurqdOjtGUFicM9zD9CXxr?= =?us-ascii?Q?hE0IDk9Mc1EOxnPecM0CjMRjqlHv1ieFgwKlaeAK3HWbObRRhV5UU9L37Odt?= =?us-ascii?Q?MxUIRFf+KjE6FM/CE3LTm6vT?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: b92295bc-c26c-4df2-8dac-08d93497906a X-MS-Exchange-CrossTenant-AuthSource: BLAPR10MB5138.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jun 2021 09:33:01.9902 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: lwc6pmAFiYMk1PDJLGZvCA9UW0IpbvGTXJufxZTrw5XXrJOmFCUCjHAIujfzSQAZriMsHhF/TCDiiD9KAja8oQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR10MB4079 X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=10021 signatures=668682 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 mlxscore=0 adultscore=0 mlxlogscore=999 phishscore=0 suspectscore=0 bulkscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2106210055 X-Proofpoint-ORIG-GUID: qvcyRfZSQWKSMqnduSLFCRCXrYbRXF-E X-Proofpoint-GUID: qvcyRfZSQWKSMqnduSLFCRCXrYbRXF-E Received-SPF: pass client-ip=205.220.177.32; envelope-from=darren.kenny@oracle.com; helo=mx0b-00069f02.pphosted.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: bug-gnulib@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Gnulib discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnulib-bounces+normalperson=yhbt.net@gnu.org Sender: "bug-gnulib" On Friday, 2021-06-18 at 19:36:55 +02, Bruno Haible wrote: > Darren Kenny wrote: >> All other instances of call to __argp_failure() where there is >> a dgettext() call first check whether the valie of state is NULL >> before attempting to dereference it to get the root_argp->argp_domain. >> >> This was originally found during a Coverity scan of GRUB2. > > Thanks. I confirm that that is a possible NULL dereference here. I've > applied your patch. > > The notation '(tiny change) is explained in > . > > > 2021-06-18 Darren Kenny (tiny change) > > argp: Avoid possible NULL access in argp_help. > Reported by Coverity. The invocation chain is: > argp_help -> _help -> fill_in_uparams -> validate_uparams. > * lib/argp-help.c (validate_uparams): Don't crash if state == NULL. > > diff --git a/lib/argp-help.c b/lib/argp-help.c > index 4c89697..80cdb44 100644 > --- a/lib/argp-help.c > +++ b/lib/argp-help.c > @@ -147,7 +147,8 @@ validate_uparams (const struct argp_state *state, struct uparams *upptr) > if (*(int *)((char *)upptr + up->uparams_offs) >= upptr->rmargin) > { > __argp_failure (state, 0, 0, > - dgettext (state->root_argp->argp_domain, > + dgettext (state == NULL ? NULL > + : state->root_argp->argp_domain, > "\ > ARGP_HELP_FMT: %s value is less than or equal to %s"), > "rmargin", up->name); Thanks Bruno.