From: Christian Storm <[email protected]> StrnCmp() dereferences both its CHAR16 pointer arguments. If src is NULL which happens in the default case and if, e.g., a CUSTOMLABEL is absent, StrnCmp() dereferences a NULL pointer. Avoid this by calling StrnCmp() only if src != NULL.
This is no change in behavior as devpath would not have been set anyway. Signed-off-by: Christian Storm <[email protected]> --- utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils.c b/utils.c index ba9239b..44c2dac 100644 --- a/utils.c +++ b/utils.c @@ -245,7 +245,7 @@ EFI_DEVICE_PATH *FileDevicePathFromConfig(EFI_HANDLE device, src = NULL; break; } - if (StrnCmp(src, &payloadpath[2], prefixlen) == 0) { + if (src && (StrnCmp(src, &payloadpath[2], prefixlen) == 0)) { devpath = volumes[v].devpath; break; } -- 2.32.0 -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/efibootguard-dev/20210816070316.13614-1-christian.storm%40siemens.com.
