From: Toomas Soome
Date: Wed, 8 Feb 2017 15:52:09 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r313442 - head/sys/boot/efi/libefi

Author: tsoome
Date: Wed Feb 8 15:52:09 2017
New Revision: 313442
URL: https://svnweb.freebsd.org/changeset/base/313442

Log:
  loader: possible NULL pointer dereference in efipart.c

  Fix bugs found by Coverity in efipart.c.

  The issue is that efi_devpath_last_node() can return a NULL pointer, and
  therefore we should check for it. In real life we really do not expect
  to see it happen, so we will just error out from the test.

  CID: 1371004
  Reported by: Coverity
  Reviewed by: allanjude
  Approved by: allanjude (mentor)
  Differential Revision: https://reviews.freebsd.org/D9490

Modified:
  head/sys/boot/efi/libefi/efipart.c

Modified: head/sys/boot/efi/libefi/efipart.c ============================================================================== --- head/sys/boot/efi/libefi/efipart.c Wed Feb 8 13:37:57 2017 (r313441) +++ head/sys/boot/efi/libefi/efipart.c Wed Feb 8 15:52:09 2017 (r313442) @@ -364,6 +364,9 @@ efipart_hdinfo_add(EFI_HANDLE disk_handl if (disk_devpath == NULL || part_devpath == NULL) { return (ENOENT); } + node = (HARDDRIVE_DEVICE_PATH *)efi_devpath_last_node(part_devpath); + if (node == NULL) + return (ENOENT); /* This should not happen. */ pd = malloc(sizeof(pdinfo_t)); if (pd == NULL) { 
@@ -372,7 +375,6 @@ efipart_hdinfo_add(EFI_HANDLE disk_handl } memset(pd, 0, sizeof(pdinfo_t)); STAILQ_INIT(&pd->pd_part); - node = (HARDDRIVE_DEVICE_PATH *)efi_devpath_last_node(part_devpath); STAILQ_FOREACH(hd, &hdinfo, pd_link) { if (efi_devpath_match(hd->pd_devpath, disk_devpath) != 0) {
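
Review bot: in the first hunk (@@ -364,6 +364,9 @@), the new "if (node == NULL)" return is documented only by "This should not happen.", which does not say what is being guarded against; consider a comment that names the cause, namely that efi_devpath_last_node() returned no node for part_devpath. The early return also reuses ENOENT, the same value returned just above when disk_devpath or part_devpath is NULL, so a caller cannot tell the two failures apart; that is fine if callers only test for non-zero, but worth confirming. Doing the lookup ahead of malloc() is the right order, since this error path then has no pd to free. As a style point, the unbraced single-statement "if" sits directly below a braced "if (...) { return (ENOENT); }"; use one form for the two adjacent checks.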