On Thu, 11 Jan 2024 at 10:25, Heinrich Schuchardt
<heinrich.schucha...@canonical.com> wrote:
>
> After calling efi_alloc() we must check that the return value is not NULL.
>
> Fixes: f01c961ee34c ("cmd: efidebug: add uri device path")
> Addresses-Coverity-ID: 477185 Dereference null return value
> Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com>
> ---
> cmd/efidebug.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/cmd/efidebug.c b/cmd/efidebug.c
> index e10fbf891a..997469b485 100644
> --- a/cmd/efidebug.c
> +++ b/cmd/efidebug.c
> @@ -754,6 +754,10 @@ static int efi_boot_add_uri(int argc, char *const
> argv[], u16 *var_name16,
>
> uridp_len = sizeof(struct efi_device_path) + strlen(argv[3]) + 1;
> uridp = efi_alloc(uridp_len + sizeof(END));
> + if (!uridp) {
> + log_err("Out of memory\n");
> + return CMD_RET_FAILURE;
> + }
> uridp->dp.type = DEVICE_PATH_TYPE_MESSAGING_DEVICE;
> uridp->dp.sub_type = DEVICE_PATH_SUB_TYPE_MSG_URI;
> uridp->dp.length = uridp_len;
> --
> 2.43.0
>
Reviewed-by: Ilias Apalodimas <ilias.apalodi...@linaro.org>
