Segmentation faults or undefined behaviour may result from a null pointer dereference in strip_trailing_digits and grub_util_devname_to_ofpath if strdup() fails. Therefore, I added a NULL check to fix this.
Signed-off-by: Sudhakar Kuppusamy <[email protected]> --- grub-core/osdep/linux/ofpath.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/grub-core/osdep/linux/ofpath.c b/grub-core/osdep/linux/ofpath.c index a6153d359..ade5220db 100644 --- a/grub-core/osdep/linux/ofpath.c +++ b/grub-core/osdep/linux/ofpath.c @@ -695,6 +695,9 @@ strip_trailing_digits (const char *p) char *new, *end; new = strdup (p); + if (new == NULL) + return NULL; + end = new + strlen(new) - 1; while (end >= new) { @@ -715,7 +718,15 @@ grub_util_devname_to_ofpath (const char *sys_devname) device = get_basename (name_buf); devnode = strip_trailing_digits (name_buf); + if (devnode == NULL) + return NULL; + devicenode = strip_trailing_digits (device); + if (devicenode == NULL) + { + free (devnode); + return NULL; + } if (device[0] == 'h' && device[1] == 'd') ofpath = of_path_of_ide(name_buf, device, devnode, devicenode); -- 2.50.1 (Apple Git-155) _______________________________________________ Grub-devel mailing list [email protected] https://lists.gnu.org/mailman/listinfo/grub-devel
