vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

grub-install-common: avoid out of bound access when read failed

Browse source 
Check that modinfo.sh could be read successfully; abort on error. Avoids
potential out-of-bound array access.

CID: 73819
This commit is contained in:
Andrei Borzenkov 2014-11-28 20:45:27 +03:00
parent 478b567520
commit 0415dbe28f
2 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -1,5 +1,7 @@
2014-11-28 Andrei Borzenkov <arvidjaar@gmail.com>
* util/grub-install-common.c (grub_install_get_target): Check return
value of grub_util_fd_read (Coverity CID 73819).
* util/grub-mkstandalone.c (add_tar_file): Fix out of bound access
to hd.magic (Coverity CID 73587, 73888, bug 43690).

2
util/grub-install-common.c
View file

@ -911,6 +911,8 @@ grub_install_get_target (const char *src)
grub_util_error (_("%s doesn't exist. Please specify --target or --directory"),
fn);
r = grub_util_fd_read (f, buf, sizeof (buf) - 1);
if (r < 0)
grub_util_error (_("cannot read `%s': %s"), fn, strerror (errno));
grub_util_fd_close (f);
buf[r] = '\0';
c = strstr (buf, "grub_modinfo_target_cpu=");