Fix oobread crash in the analysis loop with corrupted ELFs (tests_649…

…28) ##crash Reported by giantbranch of NSFOCUS TIANJI Lab
radareorg · Oct 30, 2021 · 4aff1bb · 4aff1bb
1 parent 59a9dfb
commit 4aff1bb
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/libr/core/canal.c b/libr/core/canal.c
@@ -831,7 +831,7 @@ static bool __core_anal_fcn(RCore *core, ut64 at, ut64 from, int reftype, int de
 					const RList *syms = r_bin_get_symbols (core->bin);
 					ut64 baddr = r_config_get_i (core->config, "bin.baddr");
 					r_list_foreach (syms, iter, sym) {
-						if ((sym->paddr + baddr) == fcn->addr && !strcmp (sym->type, R_BIN_TYPE_FUNC_STR)) {
+						if (sym->type && (sym->paddr + baddr) == fcn->addr && !strcmp (sym->type, R_BIN_TYPE_FUNC_STR)) {
 							free (new_name);
 							new_name = r_str_newf ("sym.%s", sym->name);
 							break;