[PATCH 1/3] efi_loader: Prevent dereferencing NULL pointer
Ilias Apalodimas
ilias.apalodimas at linaro.org
Wed Jul 2 08:16:01 CEST 2025
On Tue, 1 Jul 2025 at 16:38, Andrew Goodbody <andrew.goodbody at linaro.org> wrote:
>
> Taking the first goto error: in file_open could either result in an
> attempt to dereference fh when NULL or else free fh->path which has
> not been assigned to and so will be unknown. Avoid both of these
> problems by passing path to free instead of fh->path.
>
> This issue found by Smatch.
>
> Signed-off-by: Andrew Goodbody <andrew.goodbody at linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> ---
> lib/efi_loader/efi_file.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c
> index 7d81da8f2d8..19b43c4a625 100644
> --- a/lib/efi_loader/efi_file.c
> +++ b/lib/efi_loader/efi_file.c
> @@ -248,7 +248,7 @@ static struct efi_file_handle *file_open(struct file_system *fs,
> return &fh->base;
>
> error:
> - free(fh->path);
> + free(path);
> free(fh);
> return NULL;
> }
>
> --
> 2.39.5
>
More information about the U-Boot
mailing list