On 11/18/25 7:55 PM, Sudhakar Kuppusamy wrote:
Segmentation faults or undefined behaviour may result from a null pointer
dereference in strip_trailing_digits and grub_util_devname_to_ofpath if
strdup() fails. Therefore, I added a NULL check to fix this.
Signed-off-by: Sudhakar Kuppusamy <[email protected]>
---
grub-core/osdep/linux/ofpath.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/grub-core/osdep/linux/ofpath.c b/grub-core/osdep/linux/ofpath.c
index a6153d359..ade5220db 100644
--- a/grub-core/osdep/linux/ofpath.c
+++ b/grub-core/osdep/linux/ofpath.c
@@ -695,6 +695,9 @@ strip_trailing_digits (const char *p)
char *new, *end;
new = strdup (p);
+ if (new == NULL)
+ return NULL;
+
end = new + strlen(new) - 1;
while (end >= new)
{
@@ -715,7 +718,15 @@ grub_util_devname_to_ofpath (const char *sys_devname)
device = get_basename (name_buf);
devnode = strip_trailing_digits (name_buf);
+ if (devnode == NULL)
+ return NULL;
+
devicenode = strip_trailing_digits (device);
+ if (devicenode == NULL)
+ {
+ free (devnode);
+ return NULL;
+ }
if (device[0] == 'h' && device[1] == 'd')
ofpath = of_path_of_ide(name_buf, device, devnode, devicenode);
Reviewed-by: Srish Srinivasan <[email protected]>
_______________________________________________
Grub-devel mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/grub-devel
