Commit graph

6 commits

Author SHA1 Message Date
Peter Jones
f725fa7cb2 calloc: Use calloc() at most places
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
Vladimir Serbinenko
27d1a67f8a Fix canonicalize_file_name clash.
canonicalize_file_name clashed with gnulib function. Additionally
it was declared in 2 places: emu/misc.h and util/misc.h. Added
grub_ prefix and removed second declaration.
2015-03-04 01:00:19 +01:00
Vladimir Serbinenko
ca3e20886e Build fixes for argp.h with older gcc. 2013-12-21 18:08:25 +01:00
Vladimir Serbinenko
636977b089 Mark strings for translation and add remaining ones to exclude list. 2013-12-18 06:50:24 +01:00
Vladimir Serbinenko
ee4450eb6f * util/grub-file.c (main): Fix sizeof usage. 2013-12-18 06:20:20 +01:00
Vladimir Serbinenko
ec824e0f2a Implement grub_file tool and use it to implement generating of config
in separate root.
2013-12-17 14:39:48 +01:00