projects / grub2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: aec5639)
commands/ls: Fix NULL dereference
authorB Horn <b@horn.uk>
Sun, 12 May 2024 10:08:23 +0000 (11:08 +0100)
committerFelix Zielcke <fzielcke@z-51.de>
Wed, 11 Jun 2025 15:42:34 +0000 (17:42 +0200)
The grub_strrchr() may return NULL when the dirname do not contain "/".
This can happen on broken filesystems.

Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name commands-ls-Fix-NULL-dereference.patch

grub-core/commands/ls.c patch | blob | history

diff --git a/grub-core/commands/ls.c b/grub-core/commands/ls.c
index 6a1c7f5d362673d79c187ce92175ee268cecee6a..f660946a24e481eb2e28777409614985d6996384 100644 (file)
--- a/grub-core/commands/ls.c
+++ b/grub-core/commands/ls.c
@@ -241,7 +241,11 @@ grub_ls_list_files (char *dirname, int longlist, int all, int human)
 
          grub_file_close (file);
 
-         p = grub_strrchr (dirname, '/') + 1;
+         p = grub_strrchr (dirname, '/');
+         if (p == NULL)
+           goto fail;
+         ++p;
+
          ctx.dirname = grub_strndup (dirname, p - dirname);
          if (ctx.dirname == NULL)
            goto fail;
Unnamed repository; edit this file 'description' to name the repository.