f725fa7cb2
calloc: Use calloc() at most places
...
This modifies most of the places we do some form of:
X = malloc(Y * Z);
to use calloc(Y, Z) instead.
Among other issues, this fixes:
- allocation of integer overflow in grub_png_decode_image_header()
reported by Chris Coulson,
- allocation of integer overflow in luks_recover_key()
reported by Chris Coulson,
- allocation of integer overflow in grub_lvm_detect()
reported by Chris Coulson.
Fixes: CVE-2020-14308
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
ad4bfeec5c
Change fs functions to add fs_ prefix
...
This avoid conflict with gnulib
Signed-off-by: Vladimir Serbinenko <phcoder@google.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-04-09 10:03:29 +10:00
ca0a4f689a
verifiers: File type for fine-grained signature-verification controlling
...
Let's provide file type info to the I/O layer. This way verifiers
framework and its users will be able to differentiate files and verify
only required ones.
This is preparatory patch.
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
f3f8347569
bufio: Use grub_size_t instead of plain int for size
...
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
b66e364f13
bufio: Round up block size to power of 2
...
Rounding up the bufio->block_size to meet power of 2 to facilitate next_buf
calculation in grub_bufio_read().
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-05-08 12:28:18 +02:00
95acd4cbda
gzio: fix unaligned access
2017-08-30 21:31:28 +02:00
b18ce97c67
Implement checksum verification for gunzip
...
This implements the crc32 check for the gzip format. Support for zlib's
adler checksum is not included, yet.
2017-08-30 16:07:54 +02:00
1deebd85ef
io: add a GRUB_GZ prefix to gzio specific defines
...
* This is done to avoid a conflict with a PACKED define in the EDK2
2017-08-07 19:30:26 +02:00
7ba066419a
gzio: Optimize by removing division.
2015-02-26 22:10:09 +01:00
343dad410e
grub-core/disk/lzopio.c: fix double free in error path
...
CID: 73665
2014-11-28 22:37:00 +03:00
2e238b3708
Make grub_zlib_decompress handle incomplete chunks.
...
Fixes squash4.
2013-12-18 23:39:49 +01:00
24d5934daa
Fix double-free introduced by commit 33d02a42d6
...
To reproduce the problem, make sure you have a GPG public key available, build and install GRUB:
grub-install --debug --debug-image="all" --pubkey=/boot/pubkey.gpg --modules="serial terminfo gzio search search_label search_fs_uuid search_fs_file linux vbe video_fb video mmap relocator verify gcry_rsa gcry_dsa gcry_sha256 hashsum gcry_sha1 mpi echo loadenv boottime" /dev/sda
Sign all the files in /boot/grub/* and reboot.
'make check' results identical before and after this change.
TESTED: In a QEMU VM using an i386 target.
2013-12-17 07:32:07 -08:00
3086175489
Implement Truecrypt ISO loader.
2013-12-17 14:45:46 +01:00
ec824e0f2a
Implement grub_file tool and use it to implement generating of config
...
in separate root.
2013-12-17 14:39:48 +01:00
7e47e27bd8
Add gcc_struct to all packed structures when compiling with mingw.
...
Just "packed" doesn't always pack the way we expect.
2013-12-15 14:14:30 +01:00
9e34a34e44
* grub-core/io/lzopio.c: Remove variable length arrays.
2013-11-12 01:25:03 +01:00
9612ebc00e
Add new ports: i386-xen and x86_64-xen. This allows running GRUB in
...
XEN PV environment and load kernels.
2013-11-09 21:29:11 +01:00
ec0ebb3fc2
Remove vestiges of -Wunsafe-loop-optimisations.
...
* conf/Makefile.common (CFLAGS_GNULIB): Remove
-Wno-unsafe-loop-optimisations.
* grub-core/commands/legacycfg.c: Remove -Wunsafe-loop-optimisations
pragma.
* grub-core/io/gzio.c: Likewise.
* grub-core/script/parser.y: Likewise.
* grub-core/script/yylex.l: Likewise.
* util/grub-mkfont.c: Likewise.
2013-11-07 02:25:31 +01:00
3ee0869734
* grub-core/io/lzopio.c (test_header): Simplify code and remove useless
...
"checksum = checksum;".
2013-11-07 00:51:28 +01:00
a602dc5425
* grub-core/io/gzio.c (huft_build): Use zalloc for safety.
...
(initialize_tables): reset tl and td to NULL after freeing.
2013-10-30 11:58:00 +01:00
c64577a554
* grub-core/io/gzio.c (test_zlib_header): Use undigned modulo rather
...
than signed.
2013-10-25 20:18:30 +02:00
02adbb932d
* grub-core/io/lzopio.c: Use GRUB_PROPERLY_ALIGNED_ARRAY.
...
* grub-core/loader/i386/bsd.c: Likewise.
2013-04-28 15:18:50 +02:00
5e3b8dcbb5
Import gcrypt public-key cryptography and implement signature checking.
2013-01-11 21:32:42 +01:00
f8861eaf9f
* grub-core/io/bufio.c (grub_bufio_open): Use grub_zalloc instead of
...
explicitly zeroing elements.
* grub-core/io/gzio.c (grub_gzio_open): Likewise.
* grub-core/io/lzopio.c (grub_lzopio_open): Remove explicit zeroing
of elements in a structure already allocated using grub_zalloc.
* grub-core/io/xzio.c (grub_xzio_open): Likewise.
2013-01-07 10:45:05 +00:00
fd556a962e
* grub-core/io/lzopio.c (read_block_header): Fix incorrect byte swapping
...
(test_header): Likewise.
2012-04-07 19:54:51 +02:00
bb51c6c647
* grub-core/commands/acpi.c: Add TRANSLATORS comments.
...
* grub-core/commands/gptsync.c: Likewise.
* grub-core/commands/hashsum.c: Likewise.
* grub-core/commands/i386/pc/sendkey.c: Likewise.
* grub-core/commands/legacycfg.c: Likewise.
* grub-core/io/gzio.c: Likewise.
* grub-core/net/net.c: Likewise.
* grub-core/term/gfxterm.c: Likewise.
* grub-core/term/terminfo.c: Likewise.
* grub-core/tests/test_blockarg.c: Likewise.
* grub-core/video/video.c: Likewise.
* util/grub-install.in: Likewise.
* util/grub-mkfont.c: Likewise.
2012-03-06 14:11:10 +01:00
4e27343fb0
* conf/Makefile.common (CFLAGS_GNULIB): Add
...
-Wno-unsafe-loop-optimizations.
* configure.ac: Remove -Wmissing-declarations and -Wmissing-prototypes
on tools.
* grub-core/commands/legacycfg.c: Add pragma to skip
-Wunsafe-loop-optimizations.
(check_password_md5_real): Fix loop counter type.
* grub-core/commands/testload.c (grub_cmd_testload): Fix over the EOF
reading.
* grub-core/disk/ldm.c (grub_util_get_ldm): Fix logic error.
* grub-core/fs/zfs/zfs_sha256.c (zio_checksum_SHA256): Add safety
loop condition.
* grub-core/io/gzio.c: Add pragma to skip -Wunsafe-loop-optimizations.
* grub-core/lib/LzmaEnc.c (GetOptimum): Avoid possible infinite loop.
* grub-core/net/net.c (grub_net_route_address): Add safety loop
condition.
* grub-core/normal/charset.c (bidi_line_wrap): Likewise.
* grub-core/normal/cmdline.c (grub_set_history): Fix loop types and
avoid possible infinite loops.
* grub-core/script/parser.y: Add pragma to skip -Wmissing-declarations
and -Wunsafe-loop-optimizations.
* grub-core/script/yylex.l: Likewise.
* util/grub-mkfont.c: Add pragma to skip -Wunsafe-loop-optimizations.
(print_glyphs): Avoid infinite loops.
* util/grub-mkimage.c (compress_kernel_xz): Fix format security.
2012-02-24 12:30:32 +01:00
d61386e21d
Improve string. Gettextize.
2012-02-12 15:25:25 +01:00
9c4b5c13e6
Improve gettext support. Stylistic fixes and error handling fixes while
...
on it.
2012-02-08 19:26:01 +01:00
67639fd75e
* grub-core/io/lzopio.c (uncompress_block): Fix use of incorrect
...
variable.
2012-01-30 01:18:02 +01:00
9c2710789f
Eliminate grub_min/grub_max prone to overflow usage.
...
* grub-core/bus/usb/usbhub.c (grub_usb_add_hub): Eliminate grub_min.
(poll_nonroot_hub): Likewise.
* grub-core/fs/affs.c (grub_affs_iterate_dir): Likewise.
(grub_affs_label): Likewise.
* grub-core/fs/btrfs.c (grub_btrfs_lzo_decompress): Likewise.
* grub-core/fs/hfs.c (grub_hfs_dir): Likewise.
(grub_hfs_label): Likewise.
* grub-core/fs/hfsplus.c (grub_hfsplus_cmp_catkey): Likewise.
* grub-core/fs/zfs/zfs.c (MIN): Remove.
(zap_leaf_array_equal): Use grub_size. Remove MIN.
(zap_leaf_array_get): Likewise.
(dnode_get_path): Likewise.
* grub-core/io/lzopio.c (grub_lzopio_read): Eliminate grub_min.
* grub-core/io/xzio.c (grub_xzio_read): Likewise.
* grub-core/script/execute.c (grub_script_break): Likewise.
* grub-core/script/lexer.c (grub_script_lexer_record): Eliminate
grub_max.
* grub-core/script/yylex.l (grub_lexer_yyrealloc): Likewise.
* include/grub/misc.h (grub_min): Removed.
(grub_max): Likewise.
2012-01-14 15:44:34 +01:00
c029da8a89
Various squash4 fixes and LZO and XZ support.
...
* Makefile.util.def (libgrubmods.a): Add xzembed directory to cppflags.
Add xzembed source files.
* grub-core/Makefile.core.def (squash4): Add xzembed and minilzo flags.
* grub-core/fs/squash4.c (grub_squash_super): New field compression.
(grub_squash_inode): New subtype long_dir.
(SQUASH_TYPE_LONG_DIR): New inode type.
(COMPRESSION): New enum.
(XZBUFSIZ): New const.
(grub_squash_data): New fields blksz, decompress, xzdec, xzbuf.
(read_chunk): Use data->decompress.
(zlib_decompress): New function.
(lzo_decompress): Likewise.
(xz_decompress): Likewise.
(squash_mount): Set new data fields.
(grub_squash_iterate_dir): Handle long dir.
(squash_unmount): Free xzdec and xzbuf.
(grub_squash_open): Check ino type.
(direct_read): Stylistic fixes. Use data->decompress.
(grub_squash_read_data): Likewise.
* grub-core/io/gzio.c (grub_gzio): Remove disk_input.
(get_byte): Likewise.
(grub_zlib_disk_read): Removed.
* grub-core/lib/posix_wrap/sys/types.h (ssize_t): New type.
(GRUB_POSIX_BOOL_DEFINED): New define.
* grub-core/lib/posix_wrap/unistd.h: Include sys/types.h.
* grub-core/lib/xzembed/xz.h: Addmissing includes.
[!GRUB_POSIX_BOOL_DEFINED]: Define bool.
* include/grub/deflate.h (grub_zlib_disk_read): Removed.
2011-12-26 13:18:01 +01:00
cc4fddf5f5
* grub-core/io/bufio.c (grub_bufio_read): Fix handling of corner cases.
2011-12-25 15:43:15 +01:00
bd67ad0f70
merge mainline into net
2011-12-15 20:51:35 +01:00
d1e293bbfa
* grub-core/io/lzopio.c (test_header): Fix incorrect memcmp instead of
...
grub_memcmp usage.
2011-10-23 22:55:32 +02:00
bd40efbf0b
several net bugfixes and improvements and fix some memory leaks
2011-10-13 18:31:53 +02:00
bc4d3f4809
* grub-core/io/lzopio.c (calculate_uncompressed_size): Fix return code.
2011-10-04 21:10:21 +02:00
0e2b7e39f2
* grub-core/fs/btrfs.c: Include <minilzo.h> instead of "minilzo.h".
...
* grub-core/io/lzopio.c: Likewise.
2011-10-03 22:25:06 +02:00
c5ed9266fc
* grub-core/io/lzopio.c: Improve crypt context alignment.
2011-10-03 22:06:10 +02:00
9c4f9ca010
* grub-core/io/lzopio.c (test_header): Some cleanups.
2011-09-06 21:21:13 +02:00
90b0a05579
Various bug fixes and improvements in lzopio. Should properly handle more
...
files now. Also added support for lzop checksums verification.
2011-08-21 18:48:19 +02:00
b3e9c48799
merge trunk
2011-08-20 12:02:35 +02:00
a5219af189
* grub-core/io/gzio.c (grub_gzio_open): Always return original io if
...
file type was not recognized correctly (not gzip or corrupted).
2011-08-20 11:48:46 +02:00
d6beefcfc9
Add initial support for lzop files decompression.
...
* grub-core/Makefile.core.def (lzopio): New module.
* grub-core/io/lzopio.c: New file.
* include/grub/file.h (grub_file_filter_id): New compression filter
GRUB_FILE_FILTER_LZOPIO.
2011-08-17 19:40:25 +02:00
40ea05dee4
* grub-core/io/xzio.c: Fix code style issues
2011-06-24 22:37:17 +02:00
bf947d36e3
Use full 64-bit division.
...
* grub-core/kern/misc.c (grub_divmod64_full): Renamed to ...
(grub_divmod64): ... this.
* include/grub/misc.h (grub_divmod64): Removed. All users switch to full
version.
2011-05-18 15:35:19 +02:00
d4680a3556
Squashfs v4 support.
...
* Makefile.util.def (libgrubmods.a): Add squash4.
* grub-core/Makefile.core.def (squash4): New module.
* grub-core/fs/squash4.c: New file.
* grub-core/io/gzio.c (grub_gzio): New members disk_input_off,
disk_input_start, disk_input.
(get_byte): Handle disk_input.
(grub_zlib_disk_read): New function.
* include/grub/deflate.h (grub_zlib_disk_read): New proto.
2011-05-15 11:58:22 +02:00
fe6b2cbaa6
BtrFS support. Written by me (Vladimir) with important bugfixes and
...
even more important testing by Colin.
* Makefile.util.def (libgrubmods.a): Add crc.c and gzio.c
* grub-core/Makefile.core.def (btrfs): Add crc.c.
* grub-core/fs/btrfs.c: Stub replaced with real implementation.
* grub-core/io/gzio.c (grub_gzio): New fields mem_input_size,
mem_input_off and mem_input. All users updated to accept in-RAM input.
(gzio_seek): New function.
(test_zlib_header): Likewise.
(grub_gzio_read): Likewise.
(grub_zlib_decompress): Likewise.
* grub-core/kern/emu/getroot.c (grub_find_root_device_from_mountinfo):
Accept partial and non-virtual mounts.
(grub_guess_root_device): Do rescanning after device_from_mountinfo to
avoid receiving /dev/dm-X as device.
* grub-core/kern/emu/misc.c (grub_make_system_path_relative_to_its_root):
Handle bind and partial mounts.
* grub-core/lib/crc.c: New file.
* include/grub/deflate.h: Likewise.
* include/grub/emu/misc.h (grub_find_root_device_from_mountinfo): New
proto.
* include/grub/lib/crc.h: New file.
2011-04-11 23:26:41 +02:00
e745cf0ca6
Implement automatic module license checking according to new GNU
...
guidelines.
* grub-core/kern/dl.c (grub_dl_check_license): New function.
(grub_dl_load_core): Use grub_dl_check_license.
* include/grub/dl.h (GRUB_MOD_SECTION): New macro.
(GRUB_MOD_LICENSE): Likewise.
(GRUB_MOD_DUAL_LICENSE): Likewise.
All modules updated.
2011-04-11 23:01:51 +02:00
28f9509eb7
merge trunk
2011-02-17 14:51:11 +00:00
Peter Jones