[PATCH 1/1] cmd: lwip/wget: avoid NULL dereference in _set_cacert()
Heinrich Schuchardt
heinrich.schuchardt at canonical.com
Mon Dec 1 16:17:24 CET 2025
From: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
Running `wget cacert builtin` leads to a crash in _set_cacert():
Unhandled exception: Load access fault
Function _set_cacert() dereferences variable wget_info.
We must initialize it before executing the cacert sub-command.
Fixes: d3761a31ef09 ("lwip: split net/lwip/wget.c")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
---
cmd/lwip/wget.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/cmd/lwip/wget.c b/cmd/lwip/wget.c
index fc9bc11cd83..4883ad61bce 100644
--- a/cmd/lwip/wget.c
+++ b/cmd/lwip/wget.c
@@ -180,6 +180,8 @@ int do_wget(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[])
ulong dst_addr;
char nurl[1024];
+ wget_info = &default_wget_info;
+
#if CONFIG_IS_ENABLED(WGET_CACERT)
if (argc == 4 && !strncmp(argv[1], "cacert", strlen("cacert")))
return set_cacert(argv[2], argv[3]);
@@ -214,7 +216,6 @@ int do_wget(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[])
if (parse_legacy_arg(url, nurl, sizeof(nurl)))
return CMD_RET_FAILURE;
- wget_info = &default_wget_info;
if (wget_do_request(dst_addr, nurl))
return CMD_RET_FAILURE;
--
2.51.0
More information about the U-Boot
mailing list