From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1lH9MW-00021M-SZ for mharc-grub-devel@gnu.org; Tue, 02 Mar 2021 13:03:12 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:32822) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lH9MM-0001iV-B5 for grub-devel@gnu.org; Tue, 02 Mar 2021 13:03:02 -0500 Received: from aserp2130.oracle.com ([141.146.126.79]:52966) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lH9MJ-0008Lx-Em for grub-devel@gnu.org; Tue, 02 Mar 2021 13:03:02 -0500 Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1]) by aserp2130.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 122HxAmA041334 for ; Tue, 2 Mar 2021 18:02:56 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : subject : date : message-id : in-reply-to : references : content-type : mime-version; s=corp-2020-01-29; bh=0ZQ7K2Ss8W1qwSFVNd9qM4rzqL078t44hxqLbJV9VKc=; b=cmFo1tIGlncFnkUjWlLFVnuRgwrMmSko59lKasabg+aIOb3wn4ILncvCRwYDPawmW3bE trts7qGtd7NcfUhodr6FGkv0//knXTfYpWkZhOYGYRNlPbwwl2RFyxkKY/G4V37+CBlA pKofkwdmAxnyeIgam0zt6p4jywBOqYm4HElwhzX+kwy1G84yLfGH6Jm45ZjBvXOM6uJT ewlrA8/tskU2yaOkedWKYZjqV8/Qj5+F29hLZOer863y17dKIxrtJJclD5NVpHbjrts4 lRZqUMOmSJX18etsNt+PEDJIPHSQ/2ISywhpszHKURqcZDgwl2e18wxIALgFNBvubJLE fw== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by aserp2130.oracle.com with ESMTP id 36ybkb8qv7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 02 Mar 2021 18:02:56 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 122I11El173020 for ; Tue, 2 Mar 2021 18:02:55 GMT Received: from nam12-mw2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2045.outbound.protection.outlook.com [104.47.66.45]) by userp3030.oracle.com with ESMTP id 37000xbyk5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 02 Mar 2021 18:02:55 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZFts6ybgwP1gxh1WdxzfSKWmIdzXY7bIlRZHfmrNEjnKkuoCcnG9t/y5xesCj5/brE0gmoNGmHM9WDXz3aK73nVIJ/ej6tmze1+XdXf02fxszedJzjSl8Zg8MkAg2kKZVGAHpe97xrOjfp4v3jWWM6S/WiArfS4TpBfb+XvCR0XIbs+/FeLu7I5GkA+CTuCfl0RtswFcKeo2wQ+emflexrOGWgN5xcQAVh45olkM0FrzddCZBLuBmu+AqSEq/HCS0VB8lVD5at29XGnm6rB5Dtb8pc5g2pXcPeSJ7WoHBUVPnOPVSImlqr9FpP1CtefOwJIbyBxFYdE+qWqHKS158A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0ZQ7K2Ss8W1qwSFVNd9qM4rzqL078t44hxqLbJV9VKc=; b=mkjyqd97jI9819TemljIT/8MaKzhgeSyLW4uF6tQWwJdTWadN2w0R1XA3arG4C/d5juPS3d59m+0+ZIbR2XxRPQDFyYCvbTKbIuaJ7Kldraxk50QHXcRmFETMqcAUtg+DKlW8Mv5mMazBzuRqAXXuXXq0kYglPDfgIFlt4yTICUxAHx+FaVTlVGna11L8hqC1VZE1rjFc1BvytJDdxPZvhMxxVK5vvrvF7uh/FJDDXmLT4goF4+7+igSYXD1pMaZo0y+BE2Lc6xRqt2NBgFru0eAfiAjgKqXMdc2qJBAuSooDqF4FkAhVse+FexVo1tJiUu5rvCJkKtubQFZPXvO3Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0ZQ7K2Ss8W1qwSFVNd9qM4rzqL078t44hxqLbJV9VKc=; b=Qrc5P7kDzObHtUtovVVjmfUYhOqDHG6tc7SMK4XMpLu9C/mPcfkbRp0KJkhN+MVYytij64Xbjzp9LXc8Tj/Eq5Tf70tnvV/h4KLp6NZKKgb3FbPrZHOOgxieEvsVneW4laZjctlx6lffTTwaePo+0I/WGlcHV/xACUBDtZHOWM0= Authentication-Results: gnu.org; dkim=none (message not signed) header.d=none;gnu.org; dmarc=none action=none header.from=oracle.com; Received: from BN6PR1001MB2228.namprd10.prod.outlook.com (2603:10b6:405:2e::38) by BN7PR10MB2723.namprd10.prod.outlook.com (2603:10b6:406:c7::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3890.19; Tue, 2 Mar 2021 18:02:53 +0000 Received: from BN6PR1001MB2228.namprd10.prod.outlook.com ([fe80::a06f:8b3f:14dc:8af5]) by BN6PR1001MB2228.namprd10.prod.outlook.com ([fe80::a06f:8b3f:14dc:8af5%3]) with mapi id 15.20.3890.028; Tue, 2 Mar 2021 18:02:53 +0000 From: Daniel Kiper To: grub-devel@gnu.org Subject: [SECURITY PATCH 020/117] kern/parser: Fix resource leak if argc == 0 Date: Tue, 2 Mar 2021 19:00:27 +0100 Message-Id: <20210302180204.23887-20-daniel.kiper@oracle.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20210302180056.zq4bk2w2cuqhbvx3@tomti.i.net-space.pl> References: <20210302180056.zq4bk2w2cuqhbvx3@tomti.i.net-space.pl> Content-Type: text/plain X-Originating-IP: [84.10.22.86] X-ClientProxiedBy: AM6PR0502CA0048.eurprd05.prod.outlook.com (2603:10a6:20b:56::25) To BN6PR1001MB2228.namprd10.prod.outlook.com (2603:10b6:405:2e::38) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tomti.i.net-space.pl (84.10.22.86) by AM6PR0502CA0048.eurprd05.prod.outlook.com (2603:10a6:20b:56::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3912.17 via Frontend Transport; Tue, 2 Mar 2021 18:02:52 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f353e21d-9bbb-472c-778d-08d8dda5666a X-MS-TrafficTypeDiagnostic: BN7PR10MB2723: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: FBLexwdD0EGnFTlb1gyPf1nTf83MpOyX0TmCIzccwaribzaqbQBoLfaZOdC41Qc1MRUWesafRD+vCX3JXNNPT1nYjMIDFvgF2uFcbKtrQ41F5/70A9h8IdwKVukKAGM55WfA5PQDW6hE3qj6wCTKXNVBBuSHYnUj5BvZFSbwbPoKLFctiDo5EtJADucwBZaeT56gkAjZjboc5/+/vEIny5mLBb4JKlye+fChlI6eW39Ryv6pN2Pyoz7jeLnMjW9HqZQWqbkzJsRgZRlQtkQMX39jmtlqt1bAI5owe5MAzyfgLLuKevHypv3g5aTZy5NzTqN3qs9tTlTcdNZ0Xj9JzkTeco8nPftVMx1ePPlQ+EtUH3EV8vjf8God/haTkB4RTSXPve06FLHNubDX/G1ym6wvtqIcs2r7k7U0lZy1GfXO+wpiWrxZyhPT+Xht2Q6gLfrnWsJsCJVGoMYo3iF3J0VV++6NuXzKRrMfoonBySi0NQ2dNLtfBNwos9JDr4K6UBLJTI3D0pAcX1IsJ07JEQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN6PR1001MB2228.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(39860400002)(346002)(366004)(136003)(376002)(8936002)(66556008)(316002)(8676002)(66476007)(6506007)(66946007)(478600001)(6486002)(5660300002)(6666004)(86362001)(26005)(44832011)(2616005)(52116002)(186003)(1076003)(6512007)(956004)(2906002)(6916009)(36756003)(16526019); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?CvLxP2Hh63DItHCjzn7vC6A/s/ELbskCt4XjaCYrP0gj0n7gO87VURqnrODd?= =?us-ascii?Q?Dz+tTRZHrepRgK9gfRN777uGGkhStA53XPNmrR+mpeDerpJ3uynhDuHzpK2j?= =?us-ascii?Q?EphOoKc0RNLWbo8hQ/Do6ZKUmBVS88QJLZm2F3/SU7syRRJJbGeC4cREFnhm?= =?us-ascii?Q?VnTfK7Rbk98ah0sKs8XDWSVtN3vAhPBp25w9rjdCTLiFixLmSkNp5JSogCYx?= =?us-ascii?Q?+3D7IbbVV/nZacFz2q/GtzEY0oGlIleMmaHUdjn7kKcFb4eHTuivpk3JoAkl?= =?us-ascii?Q?uUFd/XYqO73NboiSq+VjrS1bmhXgfu34hFdxAtNNWPQVRH/UrL5TCRaYh/eE?= =?us-ascii?Q?OyUs/W6uMr7SgNbIANySDnUVeIqHDUW2L95S+bX9T/9rqyXSD74WmQfWBnh0?= =?us-ascii?Q?iAsjvhUKSpLDFym5evS4VWZfWnGSBn5U2JaOHkdm97EP7CAtfdqHDgVVm7Eu?= =?us-ascii?Q?4iXe19AGrTpdK3XDRQsQxtn091dRRUMSZIytBW32alIBPXcyq/ilyxRvP2rb?= =?us-ascii?Q?mJX5sklU+rNiKupzetcZ6djlyZ3FBHyK4+4DZ7I+CGSvJ+ODVvgG9bfW9hzb?= =?us-ascii?Q?9kwJP9yO9GB0FuWiKgHUoXTI/6C3fVFw8I836W4F1nL/BfbSVzM20raRHyBR?= =?us-ascii?Q?ZOZQGjpelBgVrQOmRvNLPad17RZpAkQzFez2fSko/5ukgA1PDefn8jegcXME?= =?us-ascii?Q?rWmAimufDNZezQPczexgQONZWWAKKAsTGuzQgfmvGLBhGHa+xtvZDRyFNs5B?= =?us-ascii?Q?6ViJk1w0zQr7/ERyzijsZlcHXoetv8KTDYYwMjKql/1qVWdK6vGH1JEbl6Ip?= =?us-ascii?Q?OgNVhkSKFHRgxzmOtgQKg6HMLmPHNe2LHd4uLh02jQar9aCm9xS19VEzxvlW?= =?us-ascii?Q?9wr7zgMLaChvHNtmVMBuTcQmyPISY8wroRTqHcJooOxOe5Tw0sQsnfVcSSPF?= =?us-ascii?Q?QDj1RAs3b7FBTRRl4iqOMjDI2Y9ckOIvPoVpHPiv/MxACJ39YUafhkfkYUcb?= =?us-ascii?Q?HEqEKOhzGaZECEZGcpvXhSJ5IY3H69xM8DQ9GLL3s7GwXheYspUeNu4MWH/L?= =?us-ascii?Q?+UUzjtDi7I7T4I55s4HA7PILTCw840srzJO6igyUO1GueQEiWDHHgDDbUsJu?= =?us-ascii?Q?myJDGLrMhlOQEKr9/DixiiREZlT4ZPca6GH0+pnk1Tswfodk+pHSq5CJX87M?= =?us-ascii?Q?FDgAtRKxvjzWQ3PjHAnJvWeTkZLtWyU8NTo1zO0+q7Hfx2hEpIjAfClw/9hh?= =?us-ascii?Q?EoPTC7Bf1aSX+HdSa6vElamQGrFuLoLNz6bS8no00C/EOg0M5hhj2KHrSB3/?= =?us-ascii?Q?Na8G4VvREI2ArXuFodHM5PzX?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: f353e21d-9bbb-472c-778d-08d8dda5666a X-MS-Exchange-CrossTenant-AuthSource: BN6PR1001MB2228.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Mar 2021 18:02:53.2689 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Y71hjLjbb9k0fl2JeGnvgEhZzVmRHiltS0meFS7FVLT9hb86YU0kyqNqxXwxIFfT+sdyCN2ut+CLDyuXKWwmFA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR10MB2723 X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=9911 signatures=668683 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 mlxscore=0 phishscore=0 malwarescore=0 spamscore=0 mlxlogscore=999 suspectscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2103020140 X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=9911 signatures=668683 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 impostorscore=0 suspectscore=0 phishscore=0 bulkscore=0 mlxscore=0 lowpriorityscore=0 clxscore=1015 mlxlogscore=999 adultscore=0 malwarescore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2103020140 Received-SPF: pass client-ip=141.146.126.79; envelope-from=daniel.kiper@oracle.com; helo=aserp2130.oracle.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Mar 2021 18:03:02 -0000 From: Darren Kenny After processing the command-line yet arriving at the point where we are setting argv, we are allocating memory, even if argc == 0, which makes no sense since we never put anything into the allocated argv. The solution is to simply return that we've successfully processed the arguments but that argc == 0, and also ensure that argv is NULL when we're not allocating anything in it. There are only 2 callers of this function, and both are handling a zero value in argc assuming nothing is allocated in argv. Fixes: CID 96680 Signed-off-by: Darren Kenny Reviewed-by: Daniel Kiper --- grub-core/kern/parser.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/grub-core/kern/parser.c b/grub-core/kern/parser.c index 619db3122..d1cf061ad 100644 --- a/grub-core/kern/parser.c +++ b/grub-core/kern/parser.c @@ -146,6 +146,7 @@ grub_parser_split_cmdline (const char *cmdline, int i; *argc = 0; + *argv = NULL; do { if (!rd || !*rd) @@ -207,6 +208,10 @@ grub_parser_split_cmdline (const char *cmdline, (*argc)++; } + /* If there are no args, then we're done. */ + if (!*argc) + return 0; + /* Reserve memory for the return values. */ args = grub_malloc (bp - buffer); if (!args) -- 2.11.0