From a5aafb99c3965259c84ddcf45a91144bf7eb4cf1 Mon Sep 17 00:00:00 2001
From: pancake
Date: Tue, 10 May 2022 11:48:45 +0200
Subject: [PATCH] Fix null deref in macho parser ##crash

* Reported by Han0nly via huntrdev
* BountyID: c07e4918-cf86-4d2e-8969-5fb63575b449
* Reproducer: machonull
---
 libr/bin/format/mach0/mach0.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libr/bin/format/mach0/mach0.c b/libr/bin/format/mach0/mach0.c
index 4e8b97c7bae49..14bc321727b36 100644
--- a/libr/bin/format/mach0/mach0.c
+++ b/libr/bin/format/mach0/mach0.c
@@ -4580,6 +4580,9 @@ void MACH0_(iterate_chained_fixups)(struct MACH0_(obj_t) *bin, ut64 limit_start,
 if (page_idx >= bin->chained_starts[i]->page_count) {
 break;
 }
+ if (!bin->chained_starts[i]->page_start) {
+ break;
+ }
 ut16 page_start = bin->chained_starts[i]->page_start[page_idx];
 if (page_start == DYLD_CHAINED_PTR_START_NONE) {
 continue;
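Review bot: The new NULL check on `bin->chained_starts[i]->page_start` is evaluated on every iteration of the page loop even though the pointer cannot change between iterations, so it belongs once before the loop over page_idx (the loop header and the rest of `MACH0_(iterate_chained_fixups)` are outside this hunk), where a `break` would also read more clearly as "skip this segment". Reaching a NULL page_start with a non-zero page_count means the chained-starts entry is internally inconsistent, which suggests the parser that fills chained_starts should reject or zero page_count for such entries rather than every consumer re-checking; I can't see that code from here, so treat this as a follow-up to confirm. Either way the check deserves a why-comment so the next reader does not remove it as redundant, e.g. `/* page_start can be NULL for a malformed or partially parsed segment even when page_count is non-zero; treat it as an empty page table */`. Note that bounds safety of `page_start[page_idx]` still relies on page_start actually holding page_count entries, which this hunk does not establish.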