[PATCH 1/1] cmd: lwip/wget: avoid NULL dereference in _set_cacert()
Ilias Apalodimas
ilias.apalodimas at linaro.org
Mon Dec 1 18:35:44 CET 2025
On Mon, 1 Dec 2025 at 17:18, Heinrich Schuchardt
<heinrich.schuchardt at canonical.com> wrote:
>
> From: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
>
> Running `wget cacert builtin` leads to a crash in _set_cacert():
>
> Unhandled exception: Load access fault
>
> Function _set_cacert() dereferences variable wget_info.
> We must initialize it before executing the cacert sub-command.
>
> Fixes: d3761a31ef09 ("lwip: split net/lwip/wget.c")
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> ---
> cmd/lwip/wget.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/cmd/lwip/wget.c b/cmd/lwip/wget.c
> index fc9bc11cd83..4883ad61bce 100644
> --- a/cmd/lwip/wget.c
> +++ b/cmd/lwip/wget.c
> @@ -180,6 +180,8 @@ int do_wget(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[])
> ulong dst_addr;
> char nurl[1024];
>
> + wget_info = &default_wget_info;
> +
> #if CONFIG_IS_ENABLED(WGET_CACERT)
> if (argc == 4 && !strncmp(argv[1], "cacert", strlen("cacert")))
> return set_cacert(argv[2], argv[3]);
> @@ -214,7 +216,6 @@ int do_wget(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[])
> if (parse_legacy_arg(url, nurl, sizeof(nurl)))
> return CMD_RET_FAILURE;
>
> - wget_info = &default_wget_info;
> if (wget_do_request(dst_addr, nurl))
> return CMD_RET_FAILURE;
>
> --
> 2.51.0
>
More information about the U-Boot
mailing list