Adding a failure check in grub_strdup(). If grub_strdup fails (e.g., due to memory allocation failure), it returns NULL. Then, passing assign (which would be NULL) to grub_strchr() will result in a null pointer dereference, which can cause undefined behavior.
Signed-off-by: Avnish Chouhan <[email protected]> --- grub-core/script/execute.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c index da99dfa..62afcdc 100644 --- a/grub-core/script/execute.c +++ b/grub-core/script/execute.c @@ -1015,6 +1015,9 @@ grub_script_execute_cmdline (struct grub_script_cmd *cmd) { /* As a last resort, try if it is an assignment. */ char *assign = grub_strdup (cmdname); + if (assign == NULL) + return grub_errno; + char *eq = grub_strchr (assign, '='); if (eq) -- 2.47.1 _______________________________________________ Grub-devel mailing list [email protected] https://lists.gnu.org/mailman/listinfo/grub-devel
