From 320ba79911511d7f29d3092fb4cc4f5b7a03d7da Mon Sep 17 00:00:00 2001
From: Maks Mishin <maks.mishinfz@gmail.com>
Date: Sun, 9 Feb 2025 18:46:21 +0300
Subject: [PATCH] tools: Fix potential null-deref with result of strtok_r

Return value of a function 'strtok_r' is dereferenced at kwbimage.c:1655
without checking for NULL, but it is usually checked for this function.

Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
---
 tools/kwbimage.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tools/kwbimage.c b/tools/kwbimage.c
index d1cbced28fc..3dcf5ba66b9 100644
--- a/tools/kwbimage.c
+++ b/tools/kwbimage.c
@@ -1653,6 +1653,12 @@ static int image_create_config_parse_oneline(char *line,
 	char *unknown_msg = "Ignoring unknown line '%s'\n";
 
 	keyword = strtok_r(line, delimiters, &saveptr);
+
+	if (!keyword) {
+		fprintf(stderr, "Parameter missing in line '%s'\n", line);
+		return -1;
+	}
+
 	keyword_id = recognize_keyword(keyword);
 
 	if (!keyword_id) {
-- 
2.39.5