[U-Boot] [PATCH 1/1] env: avoid possible NULL pointer access

[Heinrich Schuchardt]

env_attr_lookup call env_attr_walk with
callback = regex_callback.

In env_attr_walk
attributes = strchr(entry_cpy, ENV_ATTR_SEP)
will return NULL if ENV_ATTR_SEP is not found.

In the aftermath regex_callback may call
strlen(attributes)
with a NULL value which will lead to a failure.

The problem was indicated by scan-clam.

Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
---
 common/env_attr.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/common/env_attr.c b/common/env_attr.c
index 5bfe5e3a89..68843f2e0f 100644
--- a/common/env_attr.c
+++ b/common/env_attr.c
@@ -132,6 +132,10 @@ static int regex_callback(const char *name, const char *attributes, void *priv)
 		if (slre_match(&slre, cbp->searched_for,
 			       strlen(cbp->searched_for), caps)) {
 			free(cbp->regex);
+			if (!attributes) {
+				retval = -EINVAL;
+				goto done;
+			}
 			cbp->regex = malloc(strlen(regex) + 1);
 			if (cbp->regex) {
 				strcpy(cbp->regex, regex);
-- 
2.11.0