From: Sudhakar Kuppusamy Date: Wed, 19 Nov 2025 10:00:47 +0000 (+0530) Subject: osdep/linux/ofpath: Add missing strdup() failure checks X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=07c250487fea48fb934efab2bdfe32e9339cfabf;p=thirdparty%2Fgrub.git osdep/linux/ofpath: Add missing strdup() failure checks Segmentation faults or undefined behaviour may result from a NULL pointer dereference in strip_trailing_digits() and grub_util_devname_to_ofpath() if strdup() fails. Therefore, I added a NULL check to fix this. Signed-off-by: Sudhakar Kuppusamy Reviewed-by: Srish Srinivasan Reviewed-by: Avnish Chouhan Reviewed-by: Daniel Kiper --- diff --git a/grub-core/osdep/linux/ofpath.c b/grub-core/osdep/linux/ofpath.c index a6153d359..24a4d5c8d 100644 --- a/grub-core/osdep/linux/ofpath.c +++ b/grub-core/osdep/linux/ofpath.c @@ -695,6 +695,9 @@ strip_trailing_digits (const char *p) char *new, *end; new = strdup (p); + if (new == NULL) + return NULL; + end = new + strlen(new) - 1; while (end >= new) { @@ -709,13 +712,18 @@ strip_trailing_digits (const char *p) char * grub_util_devname_to_ofpath (const char *sys_devname) { - char *name_buf, *device, *devnode, *devicenode, *ofpath; + char *name_buf, *device, *devnode, *devicenode, *ofpath = NULL; name_buf = xrealpath (sys_devname); device = get_basename (name_buf); devnode = strip_trailing_digits (name_buf); + if (devnode == NULL) + goto devnode_fail; + devicenode = strip_trailing_digits (device); + if (devicenode == NULL) + goto devicenode_fail; if (device[0] == 'h' && device[1] == 'd') ofpath = of_path_of_ide(name_buf, device, devnode, devicenode); @@ -741,8 +749,12 @@ grub_util_devname_to_ofpath (const char *sys_devname) ofpath = NULL; } - free (devnode); free (devicenode); + + devicenode_fail: + free (devnode); + + devnode_fail: free (name_buf); return ofpath;