This modifies most of the places we do some form of:
X = malloc(Y * Z);
to use calloc(Y, Z) instead.
Among other issues, this fixes:
- allocation of integer overflow in grub_png_decode_image_header()
reported by Chris Coulson,
- allocation of integer overflow in luks_recover_key()
reported by Chris Coulson,
- allocation of integer overflow in grub_lvm_detect()
reported by Chris Coulson.
Fixes: CVE-2020-14308
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
When booting from NVME SSD with 4k sector size, it fails with the message.
error: attempt to read or write outside of partition.
This patch fixes the problem by fixing overflow in converting partition start
and length into 512B blocks.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
protective entry in any slot.
* grub-core/partmap/msdos.c (grub_partition_msdos_iterate): Reject
if protective entry is found in any slot.
Protective entry in non-first slot make no sense but is a widespread
brain damage.
embed to take a maximum value for nsectors.
* include/grub/emu/hostdisk.h (grub_util_ldm_embed): Likewise.
* include/grub/fs.h (grub_fs): Likewise.
* grub-core/partmap/msdos.c (embed_signatures): New array.
(pc_partition_map_embed): Check for and avoid sectors matching any
of the signatures in embed_signatures, up to max_nsectors.
* grub-core/partmap/gpt.c (gpt_partition_map_embed): Restrict
returned sector map to max_nsectors.
* grub-core/disk/ldm.c (grub_util_ldm_embed): Likewise.
* grub-core/fs/btrfs.c (grub_btrfs_embed): Likewise.
* grub-core/fs/zfs/zfs.c (grub_zfs_embed): Likewise.
* util/grub-setup.c (setup): Allow for the embedding area being
split into multiple blocklists. Tell dest_partmap->embed the
maximum number of sectors we care about.
(pc_partition_map_embed): Check for and avoid sectors matching any
of the signatures in embed_signatures.
* util/grub-setup.c (setup): Allow for the embedding area being
split into multiple blocklists.
* Makefile.util.def (libgrub.a): Add grub-core/partmap/bsdlabel.c.
* grub-core/disk/efi/efidisk.c (grub_efidisk_get_device_name):
Properly handle concatenation.
* grub-core/kern/device.c (grub_device_iterate): Likewise.
* grub-core/normal/completion.c (iterate_partition): Likewise.
* grub-core/kern/disk.c (grub_disk_open): Make disk->name not
contain partition. All users updated.
* grub-core/partmap/bsdlabel.c (grub_netbsdlabel_partition_map): New
struct.
(grub_openbsdlabel_partition_map): Likewise.
(bsdlabel_partition_map_iterate): Rename to ..
(iterate_real): ... this. New arguments sector, freebsd and pmap.
(bsdlabel_partition_map_iterate): New function.
(netopenbsdlabel_partition_map_iterate): Likewise.
(netbsdlabel_partition_map_iterate): Likewise.
(openbsdlabel_partition_map_iterate): Likewise.
(GRUB_MOD_INIT): Register new partmaps.
(GRUB_MOD_FINI): Unregister new partmaps.
* grub-core/partmap/msdos.c (pc_partition_map_iterate): Rename to ...
(grub_partition_msdos_iterate): ... this. All users updated.
Don't support embedding other than in a minix partition.
* include/grub/msdos_partition.h (grub_partition_msdos_iterate): New
proto.
* include/grub/partition.h (grub_partition): New field msdostype.
* util/grub-install.in: Handle openbsd and netbsd types being in
part_bsd module.
* grub-core/partmap/gpt.c (grub_gpt_partition_type_bios_boot)
[GRUB_UTIL]: New variable.
(gpt_partition_map_iterate): Set part.parent.
(gpt_partition_map_embed) [GRUB_UTIL]: New function.
(grub_gpt_partition_map) [GRUB_UTIL]: Set .embed.
* grub-core/partmap/msdos.c (pc_partition_map_embed) [GRUB_UTIL]:
New function.
(grub_msdos_partition_map) [GRUB_UTIL]: Set .embed.
* include/grub/partition.h (grub_embed_type_t) [GRUB_UTIL]: New type.
(grub_partition_map) [GRUB_UTIL]: New field embed.
* util/grub-setup.c (grub_gpt_partition_type_bios_boot): Removed.
(setup): Use ->embed.