[syslinux] [PATCH 1/1] gpxe: fix possible null pointer dereference
Felipe Pena
felipensp at gmail.com
Mon Sep 23 18:05:16 PDT 2013
Possibly authority variable (initialized with NULL) might be dereferenced when
an arbitrary path (without "//" on it) is supplied to parse_uri() function
Signed-off-by: Felipe Pena <felipensp at gmail.com>
---
gpxe/src/core/uri.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gpxe/src/core/uri.c b/gpxe/src/core/uri.c
index 6a1f2e5..4987821 100644
--- a/gpxe/src/core/uri.c
+++ b/gpxe/src/core/uri.c
@@ -151,7 +151,7 @@ struct uri * parse_uri ( const char *uri_string ) {
}
/* Split authority into user[:password] and host[:port] portions */
- if ( ( tmp = strchr ( authority, '@' ) ) ) {
+ if ( authority != NULL && ( tmp = strchr ( authority, '@' ) ) ) {
/* Has user[:password] */
*(tmp++) = '\0';
uri->host = tmp;
--
1.7.10.4
More information about the Syslinux
mailing list