From bc9c468a2ce84bc767234eec888b71f1bc744fff Mon Sep 17 00:00:00 2001 From: Darren Kenny Date: Fri, 23 Oct 2020 09:49:59 +0000 Subject: [PATCH] kern/partition: Check for NULL before dereferencing input string There is the possibility that the value of str comes from an external source and continuing to use it before ever checking its validity is wrong. So, needs fixing. Additionally, drop unneeded part initialization. Fixes: CID 292444 Signed-off-by: Darren Kenny Reviewed-by: Daniel Kiper Signed-off-by: Stefan Sørensen --- grub-core/kern/partition.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/grub-core/kern/partition.c b/grub-core/kern/partition.c index e499147..b10a184 100644 --- a/grub-core/kern/partition.c +++ b/grub-core/kern/partition.c @@ -109,11 +109,14 @@ grub_partition_map_probe (const grub_partition_map_t partmap, grub_partition_t grub_partition_probe (struct grub_disk *disk, const char *str) { - grub_partition_t part = 0; + grub_partition_t part; grub_partition_t curpart = 0; grub_partition_t tail; const char *ptr; + if (str == NULL) + return 0; + part = tail = disk->partition; for (ptr = str; *ptr;) -- 2.14.2