Date: Wed, 8 Feb 2017 15:52:09 +0000 (UTC) From: Toomas Soome <tsoome@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r313442 - head/sys/boot/efi/libefi Message-ID: <201702081552.v18Fq9hc034506@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: tsoome Date: Wed Feb 8 15:52:09 2017 New Revision: 313442 URL: https://svnweb.freebsd.org/changeset/base/313442 Log: loader: possible NULL pointer dereference in efipart.c Fix bugs found by Coverity in efipart.c. The Issue is that efi_devpath_last_node() can return NULL pointer, and therefore we should check for it. In real life we really do not expect to see it to happen, so we will just error out from the test. CID: 1371004 Reported by: Coverity Reviewed by: allanjude Approved by: allanjude (mentor) Differential Revision: https://reviews.freebsd.org/D9490 Modified: head/sys/boot/efi/libefi/efipart.c Modified: head/sys/boot/efi/libefi/efipart.c ============================================================================== --- head/sys/boot/efi/libefi/efipart.c Wed Feb 8 13:37:57 2017 (r313441) +++ head/sys/boot/efi/libefi/efipart.c Wed Feb 8 15:52:09 2017 (r313442) @@ -364,6 +364,9 @@ efipart_hdinfo_add(EFI_HANDLE disk_handl if (disk_devpath == NULL || part_devpath == NULL) { return (ENOENT); } + node = (HARDDRIVE_DEVICE_PATH *)efi_devpath_last_node(part_devpath); + if (node == NULL) + return (ENOENT); /* This should not happen. */ pd = malloc(sizeof(pdinfo_t)); if (pd == NULL) { @@ -372,7 +375,6 @@ efipart_hdinfo_add(EFI_HANDLE disk_handl } memset(pd, 0, sizeof(pdinfo_t)); STAILQ_INIT(&pd->pd_part); - node = (HARDDRIVE_DEVICE_PATH *)efi_devpath_last_node(part_devpath); STAILQ_FOREACH(hd, &hdinfo, pd_link) { if (efi_devpath_match(hd->pd_devpath, disk_devpath) != 0) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201702081552.v18Fq9hc034506>