scene_obj_find can return NULL but this is not checked for before the return is dereferenced. Add a NULL check.
This issue was found by Smatch. Also add a NULL check for str. Signed-off-by: Andrew Goodbody <andrew.goodb...@linaro.org> --- Changes in v2: - rebase to -next - Add a NULL check for str - Link to v1: https://lore.kernel.org/r/20250630-scene_menu_fix-v1-1-9ccb9a49c...@linaro.org --- boot/scene_menu.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/boot/scene_menu.c b/boot/scene_menu.c index 8db6a2b2f4d..23404172093 100644 --- a/boot/scene_menu.c +++ b/boot/scene_menu.c @@ -571,14 +571,15 @@ int scene_menu_display(struct scene_obj_menu *menu) return log_msg_ret("txt", -EINVAL); str = expo_get_str(exp, txt->gen.str_id); - printf("%s\n\n", str); + printf("%s\n\n", str ? str : ""); } if (list_empty(&menu->item_head)) return 0; pointer = scene_obj_find(scn, menu->pointer_id, SCENEOBJT_TEXT); - pstr = expo_get_str(scn->expo, pointer->gen.str_id); + if (pointer) + pstr = expo_get_str(scn->expo, pointer->gen.str_id); list_for_each_entry(item, &menu->item_head, sibling) { struct scene_obj_txt *key = NULL, *label = NULL; --- base-commit: 5ab660663ded12cd6e063933016d27c9eafda2f3 change-id: 20250630-scene_menu_fix-60640ea67c20 Best regards, -- Andrew Goodbody <andrew.goodb...@linaro.org>
