* grub-core/kern/elf.c: check and switch endianess with grub_{be,le}_to
cpu functions.
* grub-core/kern/elfXX.c: Likewise.
Also-by: Tomohiro B Berry <tbberry@us.ibm.com>
The unaligned local in __aeabi_uidivmod leads to a store to a 64bit
value at an address that is not divisible by 8 (in grub_divmod64).
The compiler most likely generates a STRD instruction to store it and
this causes an exception.
Fixes Savannah bug #43632.
This includes improvements done by Leif Lindholm.
Using the http module to download config files, produces memory errors,
after the config file is downloaded.
The error was traced to the tcp stack in grub-core/net/tcp.c. The wrong
netbuff pointer was being freed in the clean up loop.
Changing the code to free the correct netbuff pointer removes the runtime
error.
Closes 42765.
grub_pubkey_open closed original file after it was read; it set
io->device to NULL to prevent grub_file_close from trying to close device.
But network device itself is stacked (net -> bufio); and bufio preserved
original netfs file which hold reference to device. grub_file_close(io)
called grub_bufio_close which called grub_file_close for original file.
grub_file_close(netfs-file) now also called grub_device_close which
freed file->device->net. So file structure returned by grub_pubkey_open
now had device->net pointed to freed memory. When later file was closed,
it was attempted to be freed again.
Change grub_pubkey_open to behave like other filters - preserve original
parent file and pass grub_file_close down to parent. In this way only the
original file will close device. We really need to move this logic into
core instead.
Also plug memory leaks in error paths on the way.
Reported-By: Robert Kliewer <robert.kliewer@gmail.com>
Closes: bug #43601
configure_ciphers:
- several memory leaks where allocated ciphers were not freed. CID: 73813,
73710
- use after free. It is probably quite innocent as grub is single threaded,
but could potentially be a problem with memory allocator debugger turned on.
CID: 73730
luks_recover_key:
- memory leak. CID: 73854
Many routers have long router advertisment interval configured by
default. The Neighbor Discovery protocol (RFC4861) has defined default
MaxRtrAdvInterval value as 600 seconds and
MinRtrAdvInterval as 0.33*MaxRtrAdvInterval. This makes
net_ipv6_autoconf fails more often than not as currently it passively
listens the RA message to perfom address autoconfiguration.
This patch tries to send router solicitation to overcome the problem of
long RA interval.
v2:
use cpu_to_be macro for network byte order conversion
add missing error handling
The EFI version of grub_machine_get_bootlocation crops the boot image
name back to the last / in order to get a directory path. However, it
does not check that *name is actually set before calling grub_strrchr
to do this, and neither does grub_strrchr before dereferencing a NULL
pointer.
Parent function, grub_set_prefix_and_root, does check the pointer
before using.
The structure size used in grub_netbuff_pull to get the pointer to
option header is apparently wrong, which leads to subsequent range check
failed and therefore not responding to any neighbor solicit message in my
testing.
struct ... foo = { 0, } is valid initializer, but older GCC emits
warning which is fatal error due to -Werror=missing-field-initializer.
So simply use full initializer to avoid these errors. This was fixed
probably in GCC 4.7.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=36750
Paulo Flabiano Smorigo