From de1963fdee4fb6a966c7a58b0de55307fbc2312d Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Sun, 8 Mar 2026 03:26:51 +0000
Subject: util/nvmutil: do cmd bound check

instead of simply checking null, just do a bound check.

this would also cover NULL (-1)

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/nvmutil/nvmutil.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

(limited to 'util')

diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index f68a08d7..361b70b6 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -350,8 +350,21 @@ set_cmd_args(int argc, char *argv[])
 		part = conv_argv_part_num(argv[3]);
 	}
 
-	if (cmd == CMD_NULL)
-		err(EINVAL, "Bad command");
+	/*
+	 * This will never actually run.
+	 * It's put here as a guard against
+	 * future regressions by maintainers.
+	 *
+	 * The reason this shouldn't run is
+	 * because when a bad command (or no
+	 * command) is given, either the command
+	 * should be treated as a MAC address,
+	 * or if no command is given, a random
+	 * MAC address is used.
+	 */
+
+	if ((size_t)cmd >= items(command))
+		err(EINVAL, "Unhandled command error");
 }
 
 static size_t
-- 
cgit v1.2.1