A menu entry with an empty title leads to an out-of-bounds access at
"ch = src[len - 1]", i.e., "src" is empty and "len" is zero. So, fixing
this by checking the menu entry title length and throwing an error if
the length is zero.
Signed-off-by: Sridhar Markonda <sridharm@linux.ibm.com>
Signed-off-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
if (! argc)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "missing arguments");
+ if (! grub_strlen (args[argc - 1]))
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, "menuentry title is missing");
+
if (ctxt->state[3].set && ctxt->script)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "multiple menuentry definitions");
projects / thirdparty / grub.git / commitdiff
