[Skiboot] [PATCH] nvram: Fix a possible NULL pointer de-ref in nvram_query_eq()

Vaibhav Jain vaibhav at linux.ibm.com
Mon Sep 17 15:27:39 AEST 2018

A fault will occur if 'value == NULL' is passed to nvram_query_eq() to
check if a given key doesn't exists in nvram partition. This is an
invalid use of the API as its only supposed to be used for keys that
exist in nvram and 'value == NULL' is never possible.

Hence this patch adds an assert to the function to flag such a use and
also prevent NULL being passed as an argument to strcmp().

Signed-off-by: Vaibhav Jain <vaibhav at linux.ibm.com>
Suggested-by: Oliver O'Halloran <oohall at gmail.com>

v2	-> Instead of handling 'value == NULL' trigger an assert as
	its an invalid use of the api. [Oliver]
 core/nvram-format.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/core/nvram-format.c b/core/nvram-format.c
index 42c5cbbb..e2cb40f3 100644
--- a/core/nvram-format.c
+++ b/core/nvram-format.c
@@ -278,6 +278,14 @@ const char *nvram_query(const char *key)
+ * nvram_query_eq() - Check if the given 'key' exists and
+ * is set to 'value'.
+ *
+ * Note: Its an error to check for non-existence of a key
+ * by passing 'value == NULL' as a key's value can never be
+ * NULL in nvram.
+ */
 bool nvram_query_eq(const char *key, const char *value)
 	const char *s = nvram_query(key);
@@ -285,5 +293,6 @@ bool nvram_query_eq(const char *key, const char *value)
 	if (!s)
 		return false;
+	assert(value != NULL);
 	return !strcmp(s, value);

More information about the Skiboot mailing list