This patch series adds a failure check after calling grub_strdup()/strdup. Missing a failure check after calling grub_strdup() can lead to undefined behavior. If it fails and returns NULL, subsequent dereferencing or writing to the pointer will likely result in a runtime error such as a segmentation fault.
Patch 1/4 (0001-ieee1275-openfw-add-missing-grub_strdup-failure-chec.patch) Patch 2/4 (0002-script-execute-add-missing-grub_strdup-failure-check.patch) Patch 3/4 (0003-kern-mips-arc-add-missing-grub_strdup-failure-check.patch) Patch 4/4 (0004-osdep-linux-getroot-add-missing-strdup-failure-check.patch) Avnish Chouhan (4): ieee1275/openfw: add missing grub_strdup failure checks script/execute: add missing grub_strdup failure check kern/mips/arc: add missing grub_strdup failure check osdep/linux/getroot: add missing strdup failure checks grub-core/kern/ieee1275/openfw.c | 17 ++++++++++++++--- grub-core/script/execute.c | 3 +++ grub-core/kern/mips/arc/init.c | 3 +++ grub-core/osdep/linux/getroot.c | 10 ++++++++++ 4 files changed -- 2.47.1 _______________________________________________ Grub-devel mailing list [email protected] https://lists.gnu.org/mailman/listinfo/grub-devel
