[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SECURITY PATCH 053/117] loader/bsd: Check for NULL arg up-front
From: |
Daniel Kiper |
Subject: |
[SECURITY PATCH 053/117] loader/bsd: Check for NULL arg up-front |
Date: |
Tue, 2 Mar 2021 19:01:00 +0100 |
From: Darren Kenny <darren.kenny@oracle.com>
The code in the next block suggests that it is possible for .set to be
true but .arg may still be NULL.
This code assumes that it is never NULL, yet later is testing if it is
NULL - that is inconsistent.
So we should check first if .arg is not NULL, and remove this check that
is being flagged by Coverity since it is no longer required.
Fixes: CID 292471
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/loader/i386/bsd.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/loader/i386/bsd.c b/grub-core/loader/i386/bsd.c
index f5bf7f89e..d89ff0a7a 100644
--- a/grub-core/loader/i386/bsd.c
+++ b/grub-core/loader/i386/bsd.c
@@ -1605,7 +1605,7 @@ grub_cmd_openbsd (grub_extcmd_context_t ctxt, int argc,
char *argv[])
kernel_type = KERNEL_TYPE_OPENBSD;
bootflags = grub_bsd_parse_flags (ctxt->state, openbsd_flags);
- if (ctxt->state[OPENBSD_ROOT_ARG].set)
+ if (ctxt->state[OPENBSD_ROOT_ARG].set && ctxt->state[OPENBSD_ROOT_ARG].arg
!= NULL)
{
const char *arg = ctxt->state[OPENBSD_ROOT_ARG].arg;
unsigned type, unit, part;
@@ -1622,7 +1622,7 @@ grub_cmd_openbsd (grub_extcmd_context_t ctxt, int argc,
char *argv[])
"unknown disk type name");
unit = grub_strtoul (arg, &arg, 10);
- if (! (arg && *arg >= 'a' && *arg <= 'z'))
+ if (! (*arg >= 'a' && *arg <= 'z'))
return grub_error (GRUB_ERR_BAD_ARGUMENT,
"only device specifications of form "
"<type><number><lowercase letter> are supported");
--
2.11.0
- [SECURITY PATCH 044/117] normal/completion: Fix leaking of memory when processing a completion, (continued)
- [SECURITY PATCH 044/117] normal/completion: Fix leaking of memory when processing a completion, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 043/117] syslinux: Fix memory leak while parsing, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 045/117] commands/hashsum: Fix a memory leak, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 042/117] libgcrypt/mpi: Fix possible NULL dereference, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 046/117] commands/probe: Fix a resource leak when probing disks, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 047/117] video/efi_gop: Remove unnecessary return value of grub_video_gop_fill_mode_info(), Daniel Kiper, 2021/03/02
- [SECURITY PATCH 050/117] video/fb/video_fb: Fix possible integer overflow, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 048/117] video/fb/fbfill: Fix potential integer overflow, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 051/117] video/readers/jpeg: Test for an invalid next marker reference from a jpeg file, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 049/117] video/fb/video_fb: Fix multiple integer overflows, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 053/117] loader/bsd: Check for NULL arg up-front,
Daniel Kiper <=
- [SECURITY PATCH 052/117] gfxmenu/gui_list: Remove code that coverity is flagging as dead, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 054/117] loader/xnu: Fix memory leak, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 055/117] loader/xnu: Free driverkey data when an error is detected in grub_xnu_writetree_toheap(), Daniel Kiper, 2021/03/02
- [SECURITY PATCH 056/117] loader/xnu: Check if pointer is NULL before using it, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 057/117] util/grub-install: Fix NULL pointer dereferences, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 058/117] util/grub-editenv: Fix incorrect casting of a signed value, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 059/117] util/glue-efi: Fix incorrect use of a possibly negative value, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 062/117] script/execute: Avoid crash when using "$#" outside a function scope, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 060/117] script/execute: Fix NULL dereference in grub_script_execute_cmdline(), Daniel Kiper, 2021/03/02
- [SECURITY PATCH 067/117] video/readers/jpeg: Catch files with unsupported quantization or Huffman tables, Daniel Kiper, 2021/03/02