> On 19 Nov 2025, at 2:26 PM, Avnish Chouhan <[email protected]> wrote: > > On 2025-11-18 22:31, [email protected] wrote: >> Message: 2 >> Date: Tue, 18 Nov 2025 19:55:39 +0530 >> From: Sudhakar Kuppusamy <[email protected]> >> To: [email protected] >> Cc: Sudhakar Kuppusamy <[email protected]>, [email protected], >> [email protected], [email protected] >> Subject: [PATCH] linux/ofpath: Add missing strdup failure checks >> Message-ID: <[email protected]> >> Segmentation faults or undefined behaviour may result from a null pointer >> dereference in strip_trailing_digits and grub_util_devname_to_ofpath if >> strdup() fails. Therefore, I added a NULL check to fix this. >> Signed-off-by: Sudhakar Kuppusamy <[email protected]> >> --- >> grub-core/osdep/linux/ofpath.c | 11 +++++++++++ >> 1 file changed, 11 insertions(+) >> diff --git a/grub-core/osdep/linux/ofpath.c b/grub-core/osdep/linux/ofpath.c >> index a6153d359..ade5220db 100644 >> --- a/grub-core/osdep/linux/ofpath.c >> +++ b/grub-core/osdep/linux/ofpath.c >> @@ -695,6 +695,9 @@ strip_trailing_digits (const char *p) >> char *new, *end; >> new = strdup (p); >> + if (new == NULL) >> + return NULL; >> + >> end = new + strlen(new) - 1; >> while (end >= new) >> { >> @@ -715,7 +718,15 @@ grub_util_devname_to_ofpath (const char *sys_devname) >> device = get_basename (name_buf); >> devnode = strip_trailing_digits (name_buf); >> + if (devnode == NULL) > > Hi Sudhakar, > > This change will lead to a memory leak. You need to add "free (name_buf);" > here before retuning! > >> + return NULL; >> + >> devicenode = strip_trailing_digits (device); >> + if (devicenode == NULL) >> + { >> + free (devnode); > > And here too, "free (name_buf);"...... >
Thank you Avnish for the review. I will fix it on v1. Thanks, Sudhakar > Thank you! > > Regards, > Avnish Chouhan _______________________________________________ Grub-devel mailing list [email protected] https://lists.gnu.org/mailman/listinfo/grub-devel
