On 16.08.21 09:03, Christian Storm wrote: > From: Christian Storm <[email protected]> > > StrnCmp() dereferences both its CHAR16 pointer arguments. > If src is NULL which happens in the default case and if, > e.g., a CUSTOMLABEL is absent, StrnCmp() dereferences a > NULL pointer. Avoid this by calling StrnCmp() only if > src != NULL. > > This is no change in behavior as devpath would not have > been set anyway. > > Signed-off-by: Christian Storm <[email protected]> > --- > utils.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/utils.c b/utils.c > index ba9239b..44c2dac 100644 > --- a/utils.c > +++ b/utils.c > @@ -245,7 +245,7 @@ EFI_DEVICE_PATH *FileDevicePathFromConfig(EFI_HANDLE > device, > src = NULL; > break; > } > - if (StrnCmp(src, &payloadpath[2], prefixlen) == 0) { > + if (src && (StrnCmp(src, &payloadpath[2], prefixlen) == > 0)) { > devpath = volumes[v].devpath; > break; > } >
Thanks, applied. Jan -- Siemens AG, T RDA IOT Corporate Competence Center Embedded Linux -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/efibootguard-dev/20ce39e3-cc8e-35a4-c01b-0e08de0a1270%40siemens.com.
