projects / grub2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e945ea0) | patch
script/execute: Fix potential underflow and NULL dereference
authorLidong Chen <lidong.chen@oracle.com>
Wed, 29 Jan 2025 06:48:37 +0000 (06:48 +0000)
committerFelix Zielcke <fzielcke@z-51.de>
Thu, 3 Jul 2025 16:35:51 +0000 (18:35 +0200)
commit0102b6b2c1e327e9912b0cb7db9ed25bf95f48f5
tree44f6c7cd042185b7e7dea78ed425fc7fb0b69bactree | snapshot
parente945ea01cb4a754005acda3bdadb956e02431c78commit | diff
script/execute: Fix potential underflow and NULL dereference

The result is initialized to 0 in grub_script_arglist_to_argv().
If the for loop condition is not met both result.args and result.argc
remain 0 causing result.argc - 1 to underflow and/or result.args NULL
dereference. Fix the issues by adding relevant checks.

Fixes: CID 473880
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name script-execute-Fix-potential-underflow-and-NULL-dereferen.patch
grub-core/script/execute.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.