426f57383d
script: Avoid a use-after-free when redefining a function during execution
...
Defining a new function with the same name as a previously defined
function causes the grub_script and associated resources for the
previous function to be freed. If the previous function is currently
executing when a function with the same name is defined, this results
in use-after-frees when processing subsequent commands in the original
function.
Instead, reject a new function definition if it has the same name as
a previously defined function, and that function is currently being
executed. Although a behavioural change, this should be backwards
compatible with existing configurations because they can't be
dependent on the current behaviour without being broken.
Fixes: CVE-2020-15706
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:48 +02:00
47e67d809c
Remove pragmas related to -Wunreachable-code
...
-Wunreachable-code has been a no-op since GCC 4.5; GRUB hasn't been
compiled with it since 2012; and GCC 6 produces "error:
'-Wunreachable-code' is not an option that controls warnings" for these.
Fixes Debian bug #812047 .
2016-01-20 15:56:55 +00:00
ec0ebb3fc2
Remove vestiges of -Wunsafe-loop-optimisations.
...
* conf/Makefile.common (CFLAGS_GNULIB): Remove
-Wno-unsafe-loop-optimisations.
* grub-core/commands/legacycfg.c: Remove -Wunsafe-loop-optimisations
pragma.
* grub-core/io/gzio.c: Likewise.
* grub-core/script/parser.y: Likewise.
* grub-core/script/yylex.l: Likewise.
* util/grub-mkfont.c: Likewise.
2013-11-07 02:25:31 +01:00
4e27343fb0
* conf/Makefile.common (CFLAGS_GNULIB): Add
...
-Wno-unsafe-loop-optimizations.
* configure.ac: Remove -Wmissing-declarations and -Wmissing-prototypes
on tools.
* grub-core/commands/legacycfg.c: Add pragma to skip
-Wunsafe-loop-optimizations.
(check_password_md5_real): Fix loop counter type.
* grub-core/commands/testload.c (grub_cmd_testload): Fix over the EOF
reading.
* grub-core/disk/ldm.c (grub_util_get_ldm): Fix logic error.
* grub-core/fs/zfs/zfs_sha256.c (zio_checksum_SHA256): Add safety
loop condition.
* grub-core/io/gzio.c: Add pragma to skip -Wunsafe-loop-optimizations.
* grub-core/lib/LzmaEnc.c (GetOptimum): Avoid possible infinite loop.
* grub-core/net/net.c (grub_net_route_address): Add safety loop
condition.
* grub-core/normal/charset.c (bidi_line_wrap): Likewise.
* grub-core/normal/cmdline.c (grub_set_history): Fix loop types and
avoid possible infinite loops.
* grub-core/script/parser.y: Add pragma to skip -Wmissing-declarations
and -Wunsafe-loop-optimizations.
* grub-core/script/yylex.l: Likewise.
* util/grub-mkfont.c: Add pragma to skip -Wunsafe-loop-optimizations.
(print_glyphs): Avoid infinite loops.
* util/grub-mkimage.c (compress_kernel_xz): Fix format security.
2012-02-24 12:30:32 +01:00
ebcecdf1c3
Increase warning level.
...
* conf/Makefile.common (CFLAGS_GNULIB): Add -Wno-redundant-decls
-Wno-unreachable-code -Wno-conversion -Wno-old-style-definition.
* configure.ac (HOST_CFLAGS): Add bunch of -W arguments.
(TARGET_CFLAGS): Likewise.
(HOST_CFLAGS): Add -Werror unless --disable-werror is activated.
* grub-core/Makefile.core.def (decompressor_xz): Add
-Wno-unreachable-code.
(normal): Add -Wno-redundant-decls.
(xzio): Add -Wno-unreachable-code.
(lzopio): Add -Wno-redundant-decls -Wno-error.
* grub-core/commands/acpi.c: Add exception to -Wcast-align.
* grub-core/commands/lsacpi.c: Add exception to -Wcast-align.
* grub-core/gensymlist.sh: Add exception to -Wmissing-format-attribute.
* grub-core/kern/dl.c: Add exception to -Wcast-align.
* grub-core/kern/efi/efi.c (grub_efi_modules_addr): Likewise.
* grub-core/kern/i386/coreboot/init.c: Add exception to
-Wsuggest-attribute=noreturn.
* grub-core/kern/ia64/dl.c: Add exception to -Wcast-align.
* grub-core/kern/ia64/dl_helper.c: Likewise.
* grub-core/kern/mips/dl.c: Likewise.
* grub-core/kern/sparc64/dl.c: Likewise.
* grub-core/lib/LzmaEnc.c: Add exception to -Wshadow.
* grub-core/lib/libgcrypt_wrap/cipher_wrap.h (memcpy): Likewise.
(memcmp): Likewise.
* grub-core/lib/pbkdf2.c: Add exception to -Wunreachable-code.
* grub-core/loader/ia64/efi/linux.c: Add exception to -Wcast-align.
* grub-core/loader/mips/linux.c: Likewise.
* grub-core/loader/multiboot_elfxx.c: Likewise.
* grub-core/script/parser.y: Add exception to -Wunreachable-code.
* grub-core/video/sm712.c: Add exception to -Wcast-align.
* util/import_gcry.py: Add -Wno-cast-align to modules checked by hand.
* grub-core/font/font.c (grub_font_loader_init): Add explicit cast and
fixme.
* grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Likewise.
* grub-core/kern/i386/multiboot_mmap.c (grub_machine_mmap_init):
Fix prototype.
2012-02-10 16:48:48 +01:00
4a9f8346c9
* grub-core/commands/ls.c: Gettextize.
...
* grub-core/commands/setpci.c: Likewise.
* grub-core/commands/videotest.c: Likewise.
* grub-core/disk/geli.c: Likewise.
* grub-core/kern/mm.c: Likewise.
* grub-core/lib/relocator.c: Likewise.
* grub-core/loader/efi/appleloader.c: Likewise.
* grub-core/loader/i386/xnu.c: Likewise.
* grub-core/loader/ia64/efi/linux.c: Likewise.
* grub-core/loader/xnu.c: Likewise.
* grub-core/net/dns.c: Likewise.
* grub-core/net/net.c: Likewise.
* grub-core/script/lexer.c: Likewise.
* grub-core/script/parser.y: Likewise.
* grub-core/script/yylex.l: Likewise.
* util/getroot.c: Likewise.
* util/grub-setup.c: Likewise.
2012-02-03 11:56:49 +01:00
5ff1d945ed
Implement time command.
...
* grub-core/Makefile.core.def (time): New module.
* grub-core/commands/time.c: New file.
* grub-core/script/parser.y: Remove "time" keyword.
* grub-core/script/yylex.l: Likewise.
2011-06-27 12:31:37 +02:00
bd4d051a95
* grub-core/script/parser.y: Declare "time" as valid argument.
2011-03-23 13:23:50 +01:00
47b4c2c3e8
pull-in block-arg branch
2010-08-26 11:32:35 +05:30
928bad4708
merge with mainline
2010-08-26 09:30:11 +05:30
16c7cb32c8
merge with mainline
2010-08-19 16:54:00 +05:30
297f0c2b6e
merge with mainline
2010-07-13 00:43:28 +05:30
8c41176882
automake commit without merge history
2010-05-06 11:34:04 +05:30
Chris Coulson