[PATCH] tools: Fix potential null-deref with result of strtok_r
Maks Mishin
maks.mishinfz at gmail.com
Sun Feb 9 16:46:21 CET 2025
Return value of a function 'strtok_r' is dereferenced at kwbimage.c:1655
without checking for NULL, but it is usually checked for this function.
Signed-off-by: Maks Mishin <maks.mishinFZ at gmail.com>
---
tools/kwbimage.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/tools/kwbimage.c b/tools/kwbimage.c
index d1cbced28f..3dcf5ba66b 100644
--- a/tools/kwbimage.c
+++ b/tools/kwbimage.c
@@ -1653,6 +1653,12 @@ static int image_create_config_parse_oneline(char *line,
char *unknown_msg = "Ignoring unknown line '%s'\n";
keyword = strtok_r(line, delimiters, &saveptr);
+
+ if (!keyword) {
+ fprintf(stderr, "Parameter missing in line '%s'\n", line);
+ return -1;
+ }
+
keyword_id = recognize_keyword(keyword);
if (!keyword_id) {
--
2.34.1
More information about the U-Boot
mailing list