vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Fix brainos from misapplied patches. Add improved password checking.

Browse source
This commit is contained in:
gord 1999-03-27 22:59:57 +00:00
parent d61ce9f2a4
commit 8a1b524d47
6 changed files with 92 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

24
ChangeLog
View file

@ -1,9 +1,29 @@
1999-03-27 Gordon Matzigkeit <gord@trick.fig.org>
* grub/asmstub.c (checkkey): Fix unterminated comment.
* shared_src/char_io.c (grub_printf): Renamed from printf.
(grub_tolower): Renamed from tolower.
(grub_isspace): Renamed from isspace.
(grub_strncat): Renamed from strncat.
(grub_strstr): Renamed from strstr.
(grub_bcopy): Renamed from bcopy.
(grub_bzero): Renamed from bzero.
From Bradford Hovinen:
* shared_src/char_io.c (get_cmdline): Add new argument to hide
password entry.
(grub_strcmp): New function.
* shared_src/shared.h (get_cmdline): Fix declaration.
(grub_strcmp): Declare.
* shared_src/stage2.c (run_menu): Use get_cmdline with an
ECHO_CHAR of `*'. This protects against both brute-force and
sidelong-glance password cracking attempts.
* grub/main.c (usage): Display defaults for stage2 options.
* grub/asmstub.c [NO_REMAPPING_LIBC_FUNCTIONS]: Rename to
WITHOUT_LIBC_STUBS.
* grub/asmstub.c [WITHOUT_LIBC_STUBS]: Renamed from
NO_REMAPPING_LIBC_FUNCTIONS.
* grub/main.c: Likewise.
* shared_src/shared.h: Likewise.

6
grub/asmstub.c
View file

@ -143,7 +143,7 @@ grub_stage2 (void)
/* Close off the file descriptors we used. */
for (i = 0; i < NUM_DISKS; i ++)
if (disks[i].flags)
close ((FILE *) disks[i].flags);
close (disks[i].flags);
/* Release memory. */
free (disks);
@ -356,7 +356,7 @@ checkkey (void)
ungetch (c); /* FIXME: ncurses-1.9.9g ungetch is buggy. */
return c;
#else
/* Just pretend they hit the space bar.
/* Just pretend they hit the space bar. */
return ' ';
#endif
}
@ -501,7 +501,7 @@ biosdisk (int subfunc, int drive, struct geometry *geometry,
buf = (char *) (segment << 4);
/* FIXME: handle EINTR */
if (read (fd, buf, nsec * SECTOR_SIZE, fp) != nsec * SECTOR_SIZE)
if (read (fd, buf, nsec * SECTOR_SIZE) != nsec * SECTOR_SIZE)
return -1;
return 0;
}

55
shared_src/char_io.c
View file

@ -80,7 +80,7 @@ convert_to_ascii (char *buf, int c,...)
void
printf (char *format,...)
grub_printf (char *format,...)
{
int *dataptr = (int *) &format;
char c, *ptr, str[16];
@ -137,20 +137,24 @@ init_page (void)
at once. So, the whole screen is about 2000 characters, minus the
PROMPT, and space for error and status lines, etc. MAXLEN must be
at least 1, and PROMPT and CMDLINE must be valid strings (not NULL
or zero-length). */
or zero-length).
If ECHO_CHAR is nonzero, echo it instead of the typed character. */
int
get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen,
int echo_char)
{
int ystart, yend, xend, lpos, c;
int plen = 0;
int llen = 0;
/* nested function definition for code simplicity */
static void cl_print (char *str)
static void cl_print (char *str, int echo_char)
{
while (*str != 0)
{
putchar (*(str++));
putchar (echo_char ? echo_char : *str);
str ++;
if (++xend > 78)
{
xend = 0;
@ -180,8 +184,8 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
ystart = (getxy () & 0xff);
yend = ystart;
xend = 0;
cl_print (prompt);
cl_print (cmdline);
cl_print (prompt, 0);
cl_print (cmdline, echo_char);
cl_setcpos ();
}
@ -324,7 +328,7 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
cl_setcpos ();
if (lpos != llen)
{
cl_print (cmdline + lpos);
cl_print (cmdline + lpos, echo_char);
cl_setcpos ();
}
}
@ -348,7 +352,7 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
{
lpos = 0;
cl_setcpos ();
cl_print (cmdline);
cl_print (cmdline, echo_char);
cl_setcpos ();
}
}
@ -360,7 +364,7 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
{
cmdline[lpos] = c;
cmdline[lpos + 1] = 0;
cl_print (cmdline + lpos);
cl_print (cmdline + lpos, echo_char);
lpos ++;
cl_setcpos ();
}
@ -371,7 +375,7 @@ get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen)
cmdline[i + 1] = cmdline[i];
cmdline[lpos] = c;
cl_setcpos ();
cl_print (cmdline + lpos);
cl_print (cmdline + lpos, echo_char);
lpos++;
cl_setcpos ();
}
@ -481,7 +485,7 @@ safe_parse_maxint (char **str_ptr, int *myint_ptr)
int
tolower (int c)
grub_tolower (int c)
{
if (c >= 'A' && c <= 'Z')
return (c + ('a' - 'A'));
@ -492,7 +496,7 @@ tolower (int c)
int
isspace (int c)
grub_isspace (int c)
{
if (c == ' ' || c == '\t' || c == '\n')
return 1;
@ -502,7 +506,7 @@ isspace (int c)
int
strncat (char *s1, char *s2, int n)
grub_strncat (char *s1, char *s2, int n)
{
int i = -1;
@ -521,6 +525,23 @@ strncat (char *s1, char *s2, int n)
}
int
grub_strcmp (char *s1, char *s2)
{
while (*s1 || *s2)
{
if (*s1 < *s2)
return -1;
else if (*s1 > *s2)
return 1;
s1 ++;
s2 ++;
}
return 0;
}
int
substring (char *s1, char *s2)
{
@ -542,7 +563,7 @@ substring (char *s1, char *s2)
char *
strstr (char *s1, char *s2)
grub_strstr (char *s1, char *s2)
{
char *ptr, *tmp;
@ -586,7 +607,7 @@ memcheck (int start, int len)
int
bcopy (char *from, char *to, int len)
grub_bcopy (char *from, char *to, int len)
{
if (memcheck ((int) to, len))
{
@ -614,7 +635,7 @@ bcopy (char *from, char *to, int len)
int
bzero (char *start, int len)
grub_bzero (char *start, int len)
{
if (memcheck ((int) start, len))
{

2
shared_src/cmdline.c
View file

@ -224,7 +224,7 @@ returnit:
print_error();
}
if (run_cmdline && get_cmdline(PACKAGE "> ", commands, cur_heap, 2048))
if (run_cmdline && get_cmdline (PACKAGE "> ", commands, cur_heap, 2048, 0))
return 1;
if (substring("boot", cur_heap) == 0 || (script && !*cur_heap))

5
shared_src/shared.h
View file

@ -212,6 +212,7 @@ extern char *grub_scratch_mem;
#define putchar grub_putchar
#define strncat grub_strncat
#define strstr grub_strstr
#define strcmp grub_strcmp
#define tolower grub_tolower
#endif /* WITHOUT_LIBC_STUBS */
@ -454,12 +455,14 @@ int grub_strncat (char *s1, char *s2, int n);
int grub_bcopy (char *from, char *to, int len);
int grub_bzero (char *start, int len);
char *grub_strstr (char *s1, char *s2);
int grub_strcmp (char *s1, char *s2);
/* misc */
void init_page (void);
void print_error (void);
char *convert_to_ascii (char *buf, int c,...);
int get_cmdline (char *prompt, char *commands, char *cmdline, int maxlen);
int get_cmdline (char *prompt, char *commands, char *cmdline,
int maxlen, int echo_char);
int substring (char *s1, char *s2);
int get_based_digit (int c, int base);
int safe_parse_maxint (char **str_ptr, int *myint_ptr);

42
shared_src/stage2.c
View file

@ -314,24 +314,30 @@ restart:
if (c == 'p')
{
/* Do password check here! */
char *ptr = password;
gotoxy(2, 22);
printf("Entering password... ");
do
char entered[32];
char *pptr = password;
gotoxy(1, 21);
get_cmdline (" Password: ", commands, entered, 31, '*');
while (! isspace (*pptr))
pptr ++;
if (! strcmp (password, entered))
{
if (isspace(*ptr))
{
char *new_file = config_file;
while (isspace(*ptr)) ptr++;
while ((*(new_file++) = *(ptr++)) != 0);
return;
}
c = ASCII_CHAR(getkey());
char *new_file = config_file;
bzero (entered, sizeof (entered));
while (isspace (*pptr))
pptr ++;
while ((*(new_file ++) = *(pptr ++)) != 0);
return;
}
else
{
bzero (entered, sizeof (entered));
printf("Failed!\n Press any key to continue...");
getkey ();
goto restart;
}
while (*(ptr++) == c);
printf("Failed!\n Press any key to continue...");
getkey();
goto restart;
}
}
else
@ -379,8 +385,8 @@ restart:
saved_partition = install_partition;
current_drive = 0xFF;
if (!get_cmdline(PACKAGE " edit> ", commands, new_heap,
NEW_HEAPSIZE + 1))
if (! get_cmdline(PACKAGE " edit> ", commands, new_heap,
NEW_HEAPSIZE + 1, 0))
{
int j = 0;