vbatts
/
grub
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9,979 Commits 7 Branches 0 Tags 72 MiB
Commit Graph

21 Commits

Author SHA1 Message Date
Peter Jones 3f05d693d1 malloc: Use overflow checking primitives where we do complex allocations 
This attempts to fix the places where we do the following where
arithmetic_expr may include unvalidated data:

  X = grub_malloc(arithmetic_expr);

It accomplishes this by doing the arithmetic ahead of time using grub_add(),
grub_sub(), grub_mul() and testing for overflow before proceeding.

Among other issues, this fixes:
  - allocation of integer overflow in grub_video_bitmap_create()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_squash_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_ext2_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in read_section_as_string()
    reported by Chris Coulson.

Fixes: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
 2020-07-29 16:55:47 +02:00
Peter Jones f725fa7cb2 calloc: Use calloc() at most places 
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
 2020-07-29 16:55:47 +02:00
Pete Batard bdd89d239c core: use GRUB_TERM_ definitions when handling term characters 
* Also use hex value for GRUB_TERM_ESC as '\e' is not in the C standard and is not understood by some compilers
 2017-08-07 19:28:22 +02:00
Andrei Borzenkov 2a3ebf9428 normal: fix memory leak 
Found by: Coverity scan.
CID: 96685
 2015-06-20 23:38:18 +03:00
Vladimir Serbinenko 35d4761ce2 * grub-core/normal/cmdline.c (grub_cmdline_get): Plug memory leak. 2013-11-18 02:43:29 +01:00
Vladimir Serbinenko a67c755ef1 * grub-core/normal/cmdline.c (grub_cmdline_get): 
Remove nested functions.
 2013-11-07 02:42:38 +01:00
Vladimir Serbinenko 0a7e52b2ed * grub-core/normal/cmdline.c (grub_history_get): Make argument into 
unsigned.
	(grub_history_replace): Likewise.
 2013-10-25 22:58:19 +02:00
Vladimir 'phcoder' Serbinenko e89c2d48a9 Lift 255x255 erminal sie restriction to 65535x65535. Also change from 
bitmasks to small structures of size chosen to fit in registers.
 2013-10-19 23:59:32 +02:00
Josh Triplett e40b459617 * grub-core/normal/cmdline.c (grub_cmdline_get): Fix Ctrl-u 
handling to copy the killed characters to the kill buffer as
	UCS4 stored as grub_uint32_t rather than as 8-bit characters
	stored as char.  Eliminates UCS4 truncation and corruption
	observed when killing characters with Ctrl-u and yanking them
	back with Ctrl-y.
 2013-05-31 00:59:02 +02:00
Vladimir 'phcoder' Serbinenko c8d6cc3cf0 * grub-core/normal/cmdline.c (grub_cmdline_get): Fix off-by-one error 
to avoid losing last column.
 2013-05-14 08:54:18 +02:00
Vladimir 'phcoder' Serbinenko d162588970 * grub-core/normal/cmdline.c (print_completion): New field 
prompt_len.
	(grub_cmdline_get): Handle width properly.
 2012-04-01 21:25:17 +02:00
Vladimir 'phcoder' Serbinenko 9fdb2d7b11 Fix handling of leading spaces in scripts. 
* grub-core/normal/cmdline.c (grub_cmdline_get): Don't strip leading
	spaces.
	* grub-core/normal/main.c (grub_file_getline): Remove all preprocessing
	other than skipping \r. All users updated.
	* tests/grub_script_echo1.in: Add space-related tests.
	* util/grub-menulst2cfg.c (main): Remove useless space skipping.
 2012-03-11 14:43:18 +01:00
Vladimir 'phcoder' Serbinenko ef292a8775 * grub-core/net/http.c: Add TRANSLATORS comments. 
* grub-core/normal/cmdline.c: Likewise.
	* grub-core/normal/misc.c: Likewise.
	* grub-core/partmap/msdos.c: Likewise.
	* grub-core/parttool/msdospart.c: Likewise.
	* grub-core/script/execute.c: Likewise.
	* grub-core/script/main.c: Likewise.
	* grub-core/term/terminfo.c: Likewise.
	* grub-core/video/bitmap.c: Likewise.
	* util/grub-install.in: Likewise.
	* util/grub-mkimage.c: Likewise.
	* util/grub-mklayout.c: Likewise.
	* util/grub-setup.c: Likewise.
 2012-03-05 16:42:26 +01:00
Vladimir 'phcoder' Serbinenko 4e27343fb0 * conf/Makefile.common (CFLAGS_GNULIB): Add 
-Wno-unsafe-loop-optimizations.
	* configure.ac: Remove -Wmissing-declarations and -Wmissing-prototypes
	on tools.
	* grub-core/commands/legacycfg.c: Add pragma to skip
	-Wunsafe-loop-optimizations.
	(check_password_md5_real): Fix loop counter type.
	* grub-core/commands/testload.c (grub_cmd_testload): Fix over the EOF
	reading.
	* grub-core/disk/ldm.c (grub_util_get_ldm): Fix logic error.
	* grub-core/fs/zfs/zfs_sha256.c (zio_checksum_SHA256): Add safety
	loop condition.
	* grub-core/io/gzio.c: Add pragma to skip -Wunsafe-loop-optimizations.
	* grub-core/lib/LzmaEnc.c (GetOptimum): Avoid possible infinite loop.
	* grub-core/net/net.c (grub_net_route_address): Add safety loop
	condition.
	* grub-core/normal/charset.c (bidi_line_wrap): Likewise.
	* grub-core/normal/cmdline.c (grub_set_history): Fix loop types and
	avoid possible infinite loops.
	* grub-core/script/parser.y: Add pragma to skip -Wmissing-declarations
	and -Wunsafe-loop-optimizations.
	* grub-core/script/yylex.l: Likewise.
	* util/grub-mkfont.c: Add pragma to skip -Wunsafe-loop-optimizations.
	(print_glyphs): Avoid infinite loops.
	* util/grub-mkimage.c (compress_kernel_xz): Fix format security.
 2012-02-24 12:30:32 +01:00
Vladimir 'phcoder' Serbinenko a9e9dc7c5e * grub-core/normal/cmdline.c (grub_cmdline_get): Don't gettext prompt. 
* grub-core/normal/main.c (grub_normal_read_line_real): Gettext
	prompt here.
 2012-02-12 19:24:23 +01:00
Szymon Janc cbf597afb1 * grub-core/commands/cmp.c (grub_cmd_cmp): Remove unnecessary NULL 
pointer checks before calling grub_free().
	* grub-core/commands/wildcard.c (match_devices): Likewise.
	* grub-core/commands/wildcard.c (match_files): Likewise.
	* grub-core/fs/cpio.c (grub_cpio_dir): Likewise.
	* grub-core/fs/cpio.c (grub_cpio_open): Likewise.
	* grub-core/fs/udf.c (grub_udf_read_block): Likewise.
	* grub-core/fs/xfs.c (grub_xfs_read_block): Likewise.
	* grub-core/loader/efi/chainloader.c (grub_cmd_chainloader): Likewise.
	* grub-core/normal/cmdline.c (grub_cmdline_get): Likewise.
	* grub-core/script/yylex.l (grub_lexer_unput): Likewise.
	* grub-core/video/readers/jpeg.c (grub_video_reader_jpeg): Likewise.
	* grub-core/video/readers/png.c (grub_png_output_byte): Likewise.
 2011-06-26 17:17:41 +02:00
Vladimir 'phcoder' Serbinenko d1611f0163 * grub-core/efiemu/i386/pc/cfgtables.c 
(grub_machine_efiemu_init_tables): Make declaration a prototype.
	* grub-core/loader/xnu.c (grub_xnu_lock): Likewise.
	(grub_xnu_unlock): Likewise.
	* grub-core/normal/cmdline.c (grub_cmdline_get/cl_set_pos_all): Likewise.
 2011-03-23 12:08:33 +01:00
Vladimir 'phcoder' Serbinenko 5aaf2c18bd Merge mainline into keylayouts 2010-08-31 14:03:29 +02:00
Vladimir 'phcoder' Serbinenko 9e0fa3f606 * grub-core/normal/cmdline.c (grub_cmdline_get): Free cl_terms on 
return.
 2010-08-28 15:29:44 +02:00
BVK Chaitanya 297f0c2b6e merge with mainline 2010-07-13 00:43:28 +05:30
BVK Chaitanya 8c41176882 automake commit without merge history 2010-05-06 11:34:04 +05:30