projects / grub2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1a5745e) | patch
script/execute: Fix potential underflow and NULL dereference
authorLidong Chen <lidong.chen@oracle.com>
Wed, 29 Jan 2025 06:48:37 +0000 (06:48 +0000)
committerFelix Zielcke <fzielcke@z-51.de>
Wed, 11 Jun 2025 15:42:34 +0000 (17:42 +0200)
commitbd73b94d3f5589052710068c54ccd4c664b2bd49
tree404be984135850791c9eb3af104f06b50078eae3tree | snapshot
parent1a5745ec98d46fa0363b551e12d60950622f800ecommit | diff
script/execute: Fix potential underflow and NULL dereference

The result is initialized to 0 in grub_script_arglist_to_argv().
If the for loop condition is not met both result.args and result.argc
remain 0 causing result.argc - 1 to underflow and/or result.args NULL
dereference. Fix the issues by adding relevant checks.

Fixes: CID 473880
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name script-execute-Fix-potential-underflow-and-NULL-dereferen.patch
grub-core/script/execute.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.