util/resolve: Do not read past the end of the array in read_dep_list()

If the last non-NULL byte of "buf" is not a white-space character (such as when a read line is longer than the size of "buf"), then "p" will eventually point to the byte after the last byte in "buf". After which "p" will be dereferenced in the while conditional leading to an out of bounds read. Make sure that "p" is inside "buf" before dereferencing it. Signed-off-by: Glenn Washburn <development@efficientek.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
author: Glenn Washburn <development@efficientek.com> 2022-01-12 20:55:00 -0600
committer: Daniel Kiper <daniel.kiper@oracle.com> 2022-02-08 13:39:01 +0100
commit: ddf47bdb042ab0ea52bc713b5f80cc48543f0469 (patch)
tree: 3414f29d8d9a79ad474b33ae0b8609e86820adfc
parent: fcf2594ca12777ffd717819663e1c4b3d737c928 (diff)
download: grub-ddf47bdb042ab0ea52bc713b5f80cc48543f0469.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/util/resolve.c b/util/resolve.c
index 3e887d2ff..5e9afa10c 100644
--- a/util/resolve.c
+++ b/util/resolve.c
@@ -102,7 +102,7 @@ read_dep_list (FILE *fp)
       dep_list = dep;
 
       /* Add dependencies.  */
-      while (*p)
+      while (p < (buf + sizeof (buf)) && *p)
 	{
 	  struct mod_list *mod;
 	  char *name;
author	Glenn Washburn <development@efficientek.com>	2022-01-12 20:55:00 -0600
committer	Daniel Kiper <daniel.kiper@oracle.com>	2022-02-08 13:39:01 +0100
commit	ddf47bdb042ab0ea52bc713b5f80cc48543f0469 (patch)
tree	3414f29d8d9a79ad474b33ae0b8609e86820adfc
parent	fcf2594ca12777ffd717819663e1c4b3d737c928 (diff)
download	grub-ddf47bdb042ab0ea52bc713b5f80cc48543f0469.tar.gz