> On 20 Nov 2025, at 1:41 PM, Avnish Chouhan <[email protected]> wrote:
>
> Adding a fix for hist_lines memory leak and state loss. In
> current code, we overwrite hist_lines before checking the
> allocation result. If grub_calloc fails, hist_lines becomes NULL
> and we lose the reference to the previously allocated hist_lines.
> With this new change, on failure, hist_lines remains pointing to
> the old valid memory. No leak, no state corruption.
>
> Along with this, adding a failure check in grub_calloc(). If
> grub_calloc fails (e.g., due to memory allocation failure),
> it returns NULL. Then, passing hist_lines (which would be NULL)
> to grub_memmove() will result in a null pointer dereference,
> and can cause undefined behavior.

Sorry, Avnish. I don’t understand the above commit message. Could you please rephrase it?

Thanks,
Sudhakar

> > Signed-off-by: Avnish Chouhan <[email protected]> > --- > grub-core/normal/cmdline.c | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/grub-core/normal/cmdline.c b/grub-core/normal/cmdline.c > index 9c6d9ad..14a40a4 100644 > --- a/grub-core/normal/cmdline.c > +++ b/grub-core/normal/cmdline.c > @@ -42,7 +42,14 @@ grub_err_t > grub_set_history (int newsize) > { > grub_uint32_t **old_hist_lines = hist_lines; > + > hist_lines = grub_calloc (newsize, sizeof (grub_uint32_t *)); > + if (hist_lines == NULL) > + { > + /* We need to restore hist_lines to avoid memory leak and state loss */ > + hist_lines = old_hist_lines; > + return grub_errno; > + } > > /* Copy the old lines into the new buffer. */ > if (old_hist_lines) > -- > 2.47.1 > > > _______________________________________________ > Grub-devel mailing list > [email protected] > https://lists.gnu.org/mailman/listinfo/grub-devel
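
Review bot: In the added `if (hist_lines == NULL)` block of grub_set_history(), the global hist_lines is still overwritten with the grub_calloc() result and only then restored from old_hist_lines. Assigning the allocation to a local pointer, checking it for NULL, and updating hist_lines only on success would keep the global valid at every point and make the restore line and its comment unnecessary. The commit message also describes the check as being added "in grub_calloc()", while the hunk adds it in grub_set_history() on grub_calloc()'s return value; stating that directly, and that the only behavioural change is an early `return grub_errno` with the old history kept, would make the message easier to follow. The hunk passes the signed `int newsize` straight to grub_calloc(); whether it is validated beforehand is not visible in these lines and is worth confirming.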
