Fix undefined behavior: invalid access of NULL ptr.

hzeller · hzeller · commit c39a501c3e58 · 2022-11-21T12:51:56.000-08:00
Found with msan/asan analysis.

Signed-off-by: Henner Zeller &lt;hzeller@google.com&gt;
diff --git a/src/base/main/libSupport.c b/src/base/main/libSupport.c
@@ -74,12 +74,10 @@ void open_libs() {
     }
 
     // Extract directories and read libraries
-    done = 0;
     p = init_p;
-    while (!done) {
+    for (;;) {
       char *endp = strchr (p,':');
-      if (endp == NULL) done = 1; // last directory in the list
-      else *endp = 0; // end of string
+      if (endp != NULL) *endp = 0; // end of string
 
       dirp = opendir(p);
       if (dirp == NULL) {
@@ -119,7 +117,11 @@ void open_libs() {
         }
       }
       closedir(dirp);
-      p = endp+1;
+      if (endp == NULL) {
+        break; // last directory in the list
+      } else {
+        p = endp+1;
+      }
     }
 
     ABC_FREE(init_p);
diff --git a/src/map/if/ifMan.c b/src/map/if/ifMan.c
@@ -96,11 +96,19 @@ If_Man_t * If_ManStart( If_Par_t * pPars )
         Abc_Print( 1, "K = %d. Memory (bytes): Truth = %4d. Cut = %4d. Obj = %4d. Set = %4d. CutMin = %s\n", 
             p->pPars->nLutSize, 8 * p->nTruth6Words[p->pPars->nLutSize], p->nCutBytes, p->nObjBytes, p->nSetBytes, p->pPars->fCutMin? "yes":"no" );
     // room for temporary truth tables
-    p->puTemp[0] = p->pPars->fTruth? ABC_ALLOC( unsigned, 8 * p->nTruth6Words[p->pPars->nLutSize] ) : NULL;
-    p->puTemp[1] = p->puTemp[0] + p->nTruth6Words[p->pPars->nLutSize]*2;
-    p->puTemp[2] = p->puTemp[1] + p->nTruth6Words[p->pPars->nLutSize]*2;
-    p->puTemp[3] = p->puTemp[2] + p->nTruth6Words[p->pPars->nLutSize]*2;
-    p->puTempW   = p->pPars->fTruth? ABC_ALLOC( word, p->nTruth6Words[p->pPars->nLutSize] ) : NULL;
+    if ( p->pPars->fTruth )
+    {
+        p->puTemp[0] = p->pPars->fTruth? ABC_ALLOC( unsigned, 8 * p->nTruth6Words[p->pPars->nLutSize] ) : NULL;
+        p->puTemp[1] = p->puTemp[0] + p->nTruth6Words[p->pPars->nLutSize]*2;
+        p->puTemp[2] = p->puTemp[1] + p->nTruth6Words[p->pPars->nLutSize]*2;
+        p->puTemp[3] = p->puTemp[2] + p->nTruth6Words[p->pPars->nLutSize]*2;
+        p->puTempW   = p->pPars->fTruth? ABC_ALLOC( word, p->nTruth6Words[p->pPars->nLutSize] ) : NULL;
+    }
+    else
+    {
+        p->puTemp[0] = p->puTemp[1] = p->puTemp[2] = p->puTemp[3] = NULL;
+        p->puTempW = NULL;
+    }
     if ( pPars->fUseDsd )
     {
         for ( v = 6; v <= Abc_MaxInt(6,p->pPars->nLutSize); v++ )
diff --git a/src/misc/extra/extraUtilUtil.c b/src/misc/extra/extraUtilUtil.c
@@ -280,7 +280,7 @@ char * Extra_UtilFileSearch(char *file, char *path, char *mode)
 
     save_path = path = Extra_UtilStrsav(path);
     quit = 0;
-    do {
+    for (;;) {
     cp = strchr(path, ':');
     if (cp != 0) {
         *cp = '\0';
@@ -304,8 +304,12 @@ char * Extra_UtilFileSearch(char *file, char *path, char *mode)
         return filename;
     }
     ABC_FREE(filename);
-    path = ++cp;
-    } while (! quit); 
+    if (quit) {
+        break;
+    } else {
+       path = ++cp;
+    }
+    }
 
     ABC_FREE(save_path);
     return 0;

Original file line number	Diff line number	Diff line change
`@@ -74,12 +74,10 @@ void open_libs() {`
`74`	`74`	`}`
`75`	`75`
`76`	`76`	`// Extract directories and read libraries`
`77`		`- done = 0;`
`78`	`77`	`p = init_p;`
`79`		`- while (!done) {`
	`78`	`+ for (;;) {`
`80`	`79`	`char *endp = strchr (p,':');`
`81`		`- if (endp == NULL) done = 1; // last directory in the list`
`82`		`- else *endp = 0; // end of string`
	`80`	`+ if (endp != NULL) *endp = 0; // end of string`
`83`	`81`
`84`	`82`	`dirp = opendir(p);`
`85`	`83`	`if (dirp == NULL) {`
`@@ -119,7 +117,11 @@ void open_libs() {`
`119`	`117`	`}`
`120`	`118`	`}`
`121`	`119`	`closedir(dirp);`
`122`		`- p = endp+1;`
	`120`	`+ if (endp == NULL) {`
	`121`	`+ break; // last directory in the list`
	`122`	`+ } else {`
	`123`	`+ p = endp+1;`
	`124`	`+ }`
`123`	`125`	`}`
`124`	`126`
`125`	`127`	`ABC_FREE(init_p);`