On 1/5/25 12:24 AM, Glenn Washburn wrote:
From: Lukas Fink <lukas.fi...@gmail.com>
The pointer returned by grub_elf_file() is not checked to verify it is not
null before use. A null pointer may be returned when the given file does
not have a valid ELF header.
Indeed or for a number of other reasons. Also other places in the switch
check if elf == NULL.
Reviewed-by: Ross Philipson <ross.philip...@oracle.com>
Fixes:
https://urldefense.com/v3/__https://savannah.gnu.org/bugs/?61960__;!!ACWV5N9M2RV99hQ!L8SmY4a1GhbF_jVSw1PgVVFTw85_c8-DzevGhhPXEAKZLBZhWQ7SbtR_O2rbR-lveEUY8m7Cws9K8J_FRnsDwnLMzXoo$
Signed-off-by: Lukas Fink <lukas.fi...@gmail.com>
Signed-off-by: Glenn Washburn <developm...@efficientek.com>
---
grub-core/commands/file.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/grub-core/commands/file.c b/grub-core/commands/file.c
index 7c13e976b505..19602d75786b 100644
--- a/grub-core/commands/file.c
+++ b/grub-core/commands/file.c
@@ -306,6 +306,8 @@ grub_cmd_file (grub_extcmd_context_t ctxt, int argc, char
**args)
elf = grub_elf_file (file, file->name);
+ if (elf == NULL)
+ break;
if (elf->ehdr.ehdr32.e_type != grub_cpu_to_le16_compile_time (ET_EXEC)
|| elf->ehdr.ehdr32.e_ident[EI_DATA] != ELFDATA2LSB)
break;
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
