[PATCH] common: fix: add NULL checks for xrealloc in make_string
Anton Moryakov
ant.v.moryakov at gmail.com
Thu Feb 6 23:01:23 CET 2025
- Check return value of xrealloc for NULL.
- Free allocated memory and return NULL if xrealloc fails.
- Prevent NULL pointer dereference in strlen and strcat.
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov at gmail.com>
---
common/cli_hush.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/common/cli_hush.c b/common/cli_hush.c
index a6a8edce1f..701ceaf080 100644
--- a/common/cli_hush.c
+++ b/common/cli_hush.c
@@ -3626,7 +3626,13 @@ static char *make_string(char **inp, int *nonnull)
noeval = 1;
for (n = 0; inp[n]; n++) {
p = insert_var_value_sub(inp[n], noeval);
- str = xrealloc(str, (len + strlen(p) + (2 * nonnull[n])));
+ char *new_str = xrealloc(str, (len + strlen(p) + (2 * nonnull[n])));
+ if (!new_str) {
+ free(str);
+ if (p != inp[n]) free(p);
+ return NULL;
+ }
+ str = new_str;
if (n) {
strcat(str, " ");
} else {
--
2.30.2
More information about the U-Boot
mailing list