Fix null deref in macho parser ##crash

* Reported by Han0nly via huntrdev * BountyID: c07e4918-cf86-4d2e-8969-5fb63575b449 * Reproducer: machonull
radareorg · May 10, 2022 · a5aafb9 · a5aafb9
1 parent 4b22fc5
commit a5aafb9
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/libr/bin/format/mach0/mach0.c b/libr/bin/format/mach0/mach0.c
@@ -4580,6 +4580,9 @@ void MACH0_(iterate_chained_fixups)(struct MACH0_(obj_t) *bin, ut64 limit_start,
 				if (page_idx >= bin->chained_starts[i]->page_count) {
 					break;
 				}
+				if (!bin->chained_starts[i]->page_start) {
+					break;
+				}
 				ut16 page_start = bin->chained_starts[i]->page_start[page_idx];
 				if (page_start == DYLD_CHAINED_PTR_START_NONE) {
 					continue;