Fix incorrect address reference in btrfs
We encountered a weird random kernel initrd unpacking error on btrfs and finally found it was caused by incorrect address reference in range check for type GRUB_BTRFS_EXTENT_REGULAR and the entire result is unpredictable. This is a quick fix to make the address reference to the grub_btrfs_extent_data structure correctly, not the pointer variable to it. Any suggestions to this patch is welcome.
This commit is contained in:
parent
2a5a532c00
commit
54bd9a0610
2 changed files with 7 additions and 1 deletions
|
@ -1,3 +1,9 @@
|
||||||
|
2014-09-08 Michael Chang <mchang@suse.com>
|
||||||
|
|
||||||
|
* grub-core/fs/btrfs.c (grub_btrfs_extent_read): Fix extent size
|
||||||
|
check; comparing &data->extent against addresses in the region it
|
||||||
|
points to is unpredictable.
|
||||||
|
|
||||||
2014-09-07 Colin Watson <cjwatson@ubuntu.com>
|
2014-09-07 Colin Watson <cjwatson@ubuntu.com>
|
||||||
|
|
||||||
Support grub-emu on x32 (ILP32 but with x86-64 instruction set)
|
Support grub-emu on x32 (ILP32 but with x86-64 instruction set)
|
||||||
|
|
|
@ -1051,7 +1051,7 @@ grub_btrfs_extent_read (struct grub_btrfs_data *data,
|
||||||
|
|
||||||
data->extend = data->extstart + grub_le_to_cpu64 (data->extent->size);
|
data->extend = data->extstart + grub_le_to_cpu64 (data->extent->size);
|
||||||
if (data->extent->type == GRUB_BTRFS_EXTENT_REGULAR
|
if (data->extent->type == GRUB_BTRFS_EXTENT_REGULAR
|
||||||
&& (char *) &data->extent + elemsize
|
&& (char *) data->extent + elemsize
|
||||||
>= (char *) &data->extent->filled + sizeof (data->extent->filled))
|
>= (char *) &data->extent->filled + sizeof (data->extent->filled))
|
||||||
data->extend =
|
data->extend =
|
||||||
data->extstart + grub_le_to_cpu64 (data->extent->filled);
|
data->extstart + grub_le_to_cpu64 (data->extent->filled);
|
||||||
|
|
Loading…
Reference in a new issue