From 0493ff81a1057d299076ee585e79d1b0e0a2fe21 Mon Sep 17 00:00:00 2001 From: Dan Robertson Date: Tue, 22 May 2018 02:44:01 +0000 Subject: [PATCH] Fix posible null deref in get_target_type A null deref occurs if riscv_deinit_target is called and the target has not been initialized. Change-Id: Ic34057508ed6686eb48e9fe8220110c42ba2fc5e --- src/target/riscv/riscv.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/target/riscv/riscv.c b/src/target/riscv/riscv.c index b1714698c..88d4b9213 100644 --- a/src/target/riscv/riscv.c +++ b/src/target/riscv/riscv.c @@ -232,6 +232,11 @@ static struct target_type *get_target_type(struct target *target) { riscv_info_t *info = (riscv_info_t *) target->arch_info; + if (!info) { + LOG_ERROR("Target has not been initialized"); + return NULL; + } + switch (info->dtm_version) { case 0: return &riscv011_target; @@ -265,9 +270,11 @@ static void riscv_deinit_target(struct target *target) { LOG_DEBUG("riscv_deinit_target()"); struct target_type *tt = get_target_type(target); - tt->deinit_target(target); - riscv_info_t *info = (riscv_info_t *) target->arch_info; - free(info); + if (tt) { + tt->deinit_target(target); + riscv_info_t *info = (riscv_info_t *) target->arch_info; + free(info); + } target->arch_info = NULL; }