Fixed some potential null derefs in coreclr #123939

Merged
noahfalk merged 24 commits into dotnet:main from tpa95:fix/coreclr-null-derefs
Mar 3, 2026

Conversation

tpa95 (Contributor) commented Feb 3, 2026

Fixed some potential null pointer dereferences in inspect.cpp and virtual.cpp. The errors were discovered using the Svace static analyzer. I didn't observe any in practice.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Reporter: Pavel Tikhomirov (Tihomirov-P@gaz-is.ru).
Organization: Gazinformservice (resp@gaz-is.ru).

tpa95 added 2 commits February 3, 2026 10:18

Commit 1: If an error occurs while executing the mprotect function, execution will jump to the error label, where the pRetVal null pointer will be dereferenced.
The bug was introduced in commit 835fa74 - prior to this, the pRetVal variable was assigned the value of StartBoundary before calling mprotect.

Commit 2: Added missing checks before calling CdStartField. In CdStartField, if typeHandle.IsNull() == true, the mod argument is dereferenced, which is null in all affected calls.
@dotnet-policy-service dotnet-policy-service bot added the community-contribution Indicates that the PR has been added by a community member label Feb 3, 2026
tpa95 (Contributor, Author) commented Feb 19, 2026

Hi @agocke, @janvorli, @noahfalk. Could you please take a look when you have a moment and let me know if this is ready to merge or if you’d like changes? Thanks!

agocke (Member) commented Feb 19, 2026

@elinor-fung could you also take a look?

@tpa95 tpa95 requested review from janvorli and noahfalk March 3, 2026 06:33
noahfalk (Member) left a review comment

@janvorli - the daccess part looks fine to me and I see you already commented the fix looks good in virtual.cpp so I am assuming we are good to go here.

@noahfalk noahfalk merged commit ce7caaf into dotnet:main Mar 3, 2026
103 of 105 checks passed
@tpa95 tpa95 deleted the fix/coreclr-null-derefs branch March 3, 2026 10:10
janvorli (Member) commented Mar 3, 2026

Right, I am fine with the way it is in this PR. @tpa95 I am sorry for missing your message last week, I was on vacation.


Labels

area-PAL-coreclr community-contribution Indicates that the PR has been added by a community member


5 participants