fs/fshelp: Avoid possible NULL pointer deference

Avoid attempting to defererence a NULL pointer to call read_symlink() when
the given filesystem does not provide a read_symlink() function. This could
be triggered if the calling filesystem had a file marked as a symlink.
This appears possible for HFS and was observed during fuzzing of NTFS.

Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

diff --git a/grub-core/fs/fshelp.c b/grub-core/fs/fshelp.c
index cb41934b4fec60539c0cf8668c6fbb0727a1e4d7..15278fb8004f18cd2ecbab5130c0c9c085e269c9 100644 (file)
--- a/grub-core/fs/fshelp.c
+++ b/grub-core/fs/fshelp.c
@@ -226,7 +226,10 @@ find_file (char *currpath,
            return grub_error (GRUB_ERR_SYMLINK_LOOP,
                               N_("too deep nesting of symlinks"));
 
-         symlink = read_symlink (ctx->currnode->node);
+         if (read_symlink != NULL)
+           symlink = read_symlink (ctx->currnode->node);
+         else
+           return grub_error (GRUB_ERR_BAD_FS, "read_symlink is NULL");
 
          if (!symlink)
            return grub_errno;