[PATCH 1/1] efi_loader: correctly check if the HTTP protocol is found
Simon Glass
sjg at chromium.org
Mon Oct 6 22:38:15 CEST 2025
On Mon, 6 Oct 2025 at 07:39, Heinrich Schuchardt
<heinrich.schuchardt at canonical.com> wrote:
>
> In function efi_http_service_binding_destroy_child() phandler is created as
> as a local variable. If efi_search_protocol() fails, phandler will hold a
> random value from the stack. Even it is not zero, we must not use it.
>
> If efi_search_protocol() succeeds, the pointer has already be dereferenced,
> so checking against NULL makes not sense here.
>
> If ChildHandle is not a valid UEFI handle, we must return
> EFI_INVALID_PARAMETER.
>
> Use a single location for EFI_EXIT().
>
> Addresses-Coverity-ID: CID 531974 (Unchecked return value)
> Fixes: 5753dc3f6572 ("efi_loader: Prevent dereference of uninitialised variable")
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> ---
> lib/efi_loader/efi_http.c | 16 +++++++++-------
> 1 file changed, 9 insertions(+), 7 deletions(-)
Reviewed-by: Simon Glass <sjg at chromium.org>
More information about the U-Boot
mailing list