[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SECURITY PATCH 018/117] net/net: Fix possible dereference to of a NULL
From: |
Daniel Kiper |
Subject: |
[SECURITY PATCH 018/117] net/net: Fix possible dereference to of a NULL pointer |
Date: |
Tue, 2 Mar 2021 19:00:25 +0100 |
From: Darren Kenny <darren.kenny@oracle.com>
It is always possible that grub_zalloc() could fail, so we should check for
a NULL return. Otherwise we run the risk of dereferencing a NULL pointer.
Fixes: CID 296221
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/net/net.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/grub-core/net/net.c b/grub-core/net/net.c
index 04ad10682..4d3eb5c1a 100644
--- a/grub-core/net/net.c
+++ b/grub-core/net/net.c
@@ -86,8 +86,13 @@ grub_net_link_layer_add_address (struct grub_net_card *card,
/* Add sender to cache table. */
if (card->link_layer_table == NULL)
- card->link_layer_table = grub_zalloc (LINK_LAYER_CACHE_SIZE
- * sizeof (card->link_layer_table[0]));
+ {
+ card->link_layer_table = grub_zalloc (LINK_LAYER_CACHE_SIZE
+ * sizeof
(card->link_layer_table[0]));
+ if (card->link_layer_table == NULL)
+ return;
+ }
+
entry = &(card->link_layer_table[card->new_ll_entry]);
entry->avail = 1;
grub_memcpy (&entry->ll_address, ll, sizeof (entry->ll_address));
--
2.11.0
- [SECURITY PATCH 007/117] acpi: Don't register the acpi command when locked down, (continued)
- [SECURITY PATCH 007/117] acpi: Don't register the acpi command when locked down, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 009/117] commands: Restrict commands that can load BIOS or DT blobs when locked down, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 010/117] commands/setpci: Restrict setpci command when locked down, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 012/117] gdb: Restrict GDB access when locked down, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 015/117] dl: Only allow unloading modules that are not dependencies, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 013/117] loader/xnu: Don't allow loading extension and packages when locked down, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 011/117] commands/hdparm: Restrict hdparm command when locked down, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 014/117] docs: Document the cutmem command, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 021/117] kern/efi: Fix memory leak on failure, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 019/117] net/tftp: Fix dangling memory pointer, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 018/117] net/net: Fix possible dereference to of a NULL pointer,
Daniel Kiper <=
- [SECURITY PATCH 024/117] gnulib/regcomp: Fix uninitialized token structure, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 020/117] kern/parser: Fix resource leak if argc == 0, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 022/117] kern/efi/mm: Fix possible NULL pointer dereference, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 025/117] gnulib/argp-help: Fix dereference of a possibly NULL state, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 016/117] usb: Avoid possible out-of-bound accesses caused by malicious devices, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 017/117] mmap: Fix memory leak when iterating over mapped memory, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 023/117] gnulib/regexec: Resolve unused variable, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 026/117] gnulib/regexec: Fix possible null-dereference, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 030/117] kern/partition: Check for NULL before dereferencing input string, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 029/117] zstd: Initialize seq_t structure fully, Daniel Kiper, 2021/03/02