[PATCH] boot: menu: Do not dereference pointer if pointer is NULL
Tom Rini
trini at konsulko.com
Tue Jul 1 22:40:42 CEST 2025
On Mon, Jun 30, 2025 at 05:06:07PM +0100, Andrew Goodbody wrote:
> scene_obj_find can return NULL but this is not checked for before
> the return is dereferenced. Add a NULL check.
>
> This issue was found by Smatch.
>
> Signed-off-by: Andrew Goodbody <andrew.goodbody at linaro.org>
> ---
> boot/scene_menu.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/boot/scene_menu.c b/boot/scene_menu.c
> index 17150af145d..9a6e37d1c64 100644
> --- a/boot/scene_menu.c
> +++ b/boot/scene_menu.c
> @@ -508,7 +508,8 @@ int scene_menu_display(struct scene_obj_menu *menu)
> return 0;
>
> pointer = scene_obj_find(scn, menu->pointer_id, SCENEOBJT_TEXT);
> - pstr = expo_get_str(scn->expo, pointer->str_id);
> + if (pointer)
> + pstr = expo_get_str(scn->expo, pointer->str_id);
>
> list_for_each_entry(item, &menu->item_head, sibling) {
> struct scene_obj_txt *key = NULL, *label = NULL;
This is in a slightly different place in -next, and I think the whole
function needs to be read and corrected for error handling. I think we
then will need to initialize pstr to NULL as well. Thanks.
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20250701/94190f55/attachment.sig>
More information about the U-Boot
mailing list