[PATCH] scripts: Fix potential null-deref
Tom Rini
trini at konsulko.com
Fri Apr 18 16:18:29 CEST 2025
On Fri, Apr 18, 2025 at 03:51:42PM +0200, Quentin Schulz wrote:
> Hi Maks(?)
>
> On 4/18/25 10:19 AM, ant.v.moryakov at gmail.com wrote:
> > From: Maks Mishin <maks.mishinFZ at gmail.com>
> >
> > Signed-off-by: Maks Mishin <maks.mishinFZ at gmail.com>
>
> This seems to differ from the sender. Are you Maks? If not, you need to add
> your Signed-off-by to fulfill the DCO requirements.
>
> > ---
> > scripts/kconfig/menu.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/scripts/kconfig/menu.c b/scripts/kconfig/menu.c
> > index 5c5c1374..a0d0d2af 100644
> > --- a/scripts/kconfig/menu.c
> > +++ b/scripts/kconfig/menu.c
> > @@ -812,8 +812,10 @@ static void get_symbol_str(struct gstr *r, struct symbol *sym,
> > }
> > }
> > }
> > - for_all_prompts(sym, prop)
> > - get_prompt_str(r, prop, head);
> > + if (sym) {
> > + for_all_prompts(sym, prop)
> > + get_prompt_str(r, prop, head);
> > + }
> > prop = get_symbol_prop(sym);
>
> This one too can do a null-deref.
>
> And same for some other functions after as well.
>
> Wondering if we shouldn't update the macros to not enter the for loops if
> sym is NULL? So we don't have to patch every caller?
The feedback I had with the original patches here was to bring this up
with the linux kernel community first as this comes from them (and
there's a much wider security-focused set or reviewers there). We can
then easily backport fixes.
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20250418/dcb052fe/attachment.sig>
More information about the U-Boot
mailing list