]> git.proxmox.com Git - grub2.git/commitdiff
projects / grub2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4905469)
kern/partition: Check for NULL before dereferencing input string
authorDarren Kenny <darren.kenny@oracle.com>
Fri, 23 Oct 2020 09:49:59 +0000 (09:49 +0000)
committerColin Watson <cjwatson@debian.org>
Sun, 13 Jun 2021 23:40:45 +0000 (00:40 +0100)
There is the possibility that the value of str comes from an external
source and continuing to use it before ever checking its validity is
wrong. So, needs fixing.

Additionally, drop unneeded part initialization.

Fixes: CID 292444
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Patch-Name: 2021-02-security/029-kern-partition-Check-for-NULL-before-dereferencing-input-string.patch

grub-core/kern/partition.c patch | blob | blame | history

diff --git a/grub-core/kern/partition.c b/grub-core/kern/partition.c
index e499147cbcbaa26a00f4076f191c691060ff5bf2..b10a184e3fa1b8a96e0a924b2d9d4d3683540430 100644 (file)
--- a/grub-core/kern/partition.c
+++ b/grub-core/kern/partition.c
@@ -109,11 +109,14 @@ grub_partition_map_probe (const grub_partition_map_t partmap,
 grub_partition_t
 grub_partition_probe (struct grub_disk *disk, const char *str)
 {
-  grub_partition_t part = 0;
+  grub_partition_t part;
   grub_partition_t curpart = 0;
   grub_partition_t tail;
   const char *ptr;
 
+  if (str == NULL)
+    return 0;
+
   part = tail = disk->partition;
 
   for (ptr = str; *ptr;)
The GNU GRand Unified Bootloader for Proxmox projects