I found that `glob_sym` does not check whether it is NULL when reading the
code. `glob_sym` obtains the pointer of btf information in the linker from
`find_glob_sym`, which may be return NULL pointer. However, the code then
references `glob_sym->sec_id`. This may cause program to crash.
Fixes: a46349227cd8 ("libbpf: Add linker extern resolution support for functions and global variables")
Signed-off-by: Xin Liu <liuxin350@xxxxxxxxxx>
Signed-off-by: Weibin Kong <kongweibin2@xxxxxxxxxx>
---
tools/lib/bpf/linker.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tools/lib/bpf/linker.c b/tools/lib/bpf/linker.c
index 4ac02c28e152..d02d2754910f 100644
--- a/tools/lib/bpf/linker.c
+++ b/tools/lib/bpf/linker.c
@@ -2355,6 +2355,11 @@ static int linker_append_btf(struct bpf_linker *linker, struct src_obj *obj)
if (btf_is_non_static(t)) {
name = btf__str_by_offset(linker->btf, t->name_off);
glob_sym = find_glob_sym(linker, name);
+ if (!glob_sym) {
+ pr_warn("global '%s': section mismatch %d\n", name,
+ dst_sec->id);
+ return -EINVAL;
+ }
if (glob_sym->sec_id != dst_sec->id) {
pr_warn("global '%s': section mismatch %d vs %d\n",
name, glob_sym->sec_id, dst_sec->id);
--
2.33.0
