From 4caa01dd2c8ff2694a24750a52f8790fa6447d89 Mon Sep 17 00:00:00 2001
From: pancake <pancake@nopcode.org>
Date: Fri, 21 Dec 2018 09:38:42 +0100
Subject: [PATCH] Fix #12532 - null deref in axff

---
 libr/anal/xrefs.c    |  1 +
 libr/core/cmd_anal.c | 18 +++++++++++-------
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/libr/anal/xrefs.c b/libr/anal/xrefs.c
index 44eb0804e4..019adaccff 100644
--- a/libr/anal/xrefs.c
+++ b/libr/anal/xrefs.c
@@ -342,6 +342,7 @@ static RList *fcn_get_refs(RAnalFunction *fcn, HtUP *ht) {
 }
 
 R_API RList *r_anal_fcn_get_refs(RAnal *anal, RAnalFunction *fcn) {
+	r_return_val_if_fail (anal && fcn, NULL);
 	return fcn_get_refs (fcn, anal->dict_refs);
 }
 
diff --git a/libr/core/cmd_anal.c b/libr/core/cmd_anal.c
index 377c2e147d..246b6fd153 100644
--- a/libr/core/cmd_anal.c
+++ b/libr/core/cmd_anal.c
@@ -5825,13 +5825,17 @@ static bool cmd_anal_refs(RCore *core, const char *input) {
 			RAnalFunction * fcn = r_anal_get_fcn_in (core->anal, addr, 0);
 			RListIter *iter;
 			RAnalRef *refi;
-			RList *refs = r_anal_fcn_get_refs (core->anal, fcn);
-			r_list_foreach (refs, iter, refi) {
-				RFlagItem *f = r_flag_get_at (core->flags, refi->addr, true);
-				const char *name = f ? f->name: "";
-				r_cons_printf ("%c 0x%08"PFMT64x" 0x%08"PFMT64x" %s\n",
-					refi->type == R_ANAL_REF_TYPE_CALL?'C':'J',
-					refi->at, refi->addr, name);
+			if (fcn) {
+				RList *refs = r_anal_fcn_get_refs (core->anal, fcn);
+				r_list_foreach (refs, iter, refi) {
+					RFlagItem *f = r_flag_get_at (core->flags, refi->addr, true);
+					const char *name = f ? f->name: "";
+					r_cons_printf ("%c 0x%08"PFMT64x" 0x%08"PFMT64x" %s\n",
+						refi->type == R_ANAL_REF_TYPE_CALL?'C':'J',
+						refi->at, refi->addr, name);
+				}
+			} else {
+				eprintf ("Cannot find any function\n");
 			}
 		} else { // "axf"
 			ut8 buf[12];