Commit graph

23 commits

Author SHA1 Message Date
Peter Jones
f725fa7cb2 calloc: Use calloc() at most places
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
Andrei Borzenkov
a6f7d1abce reed_solomon: fix memory leak
Found by: Coverity scan.
CID: 96688
2015-06-20 23:38:18 +03:00
Vladimir Serbinenko
e77c81f6f8 * grub-core/lib/reed_solomon.c: Use section _text, _text rather than
.text when compiling for Apple.
2013-11-24 05:14:11 +01:00
Vladimir Serbinenko
e2a6810069 * grub-core/lib/reed_solomon.c (grub_reed_solomon_recover): Add
missing attribute.
	* grub-core/gdb/cstub.c (grub_gdb_trap): Likewise.
2013-11-08 09:27:56 +01:00
Vladimir Serbinenko
dd07e0c4cf * grub-core/kern/ieee1275/cmain.c: Add explicit attribute on asm
bindings.
	* grub-core/lib/reed_solomon.c: Likewise.
	* include/grub/i386/gdb.h: Likewise.
	* include/grub/i386/pc/int.h: Likewise.
	* include/grub/i386/pc/pxe.h: Likewise.
	* include/grub/ieee1275/ieee1275.h: Likewise.
2013-11-07 10:30:32 +01:00
Vladimir Serbinenko
e25f8e1f37 * grub-core/lib/reed_solomon.c (grub_reed_solomon_recover): Don't do
Reed-Solomon recovery if more than half of redundancy info is 0.
2013-11-02 21:28:03 +01:00
Vladimir 'phcoder' Serbinenko
bb338aaf24 Add a wrapper for fopen. On unix-like systems just pass-through. On
windows use unicode version.
2013-10-13 20:36:28 +02:00
Vladimir 'phcoder' Serbinenko
bb26e4ff16 Use static allocation rather than scratch pointer in reed_solomon.
It decreases its size significantly and avoids a variable in .text.

	* grub-core/lib/reed_solomon.c (scratch): Removed.
	(chosenstat): New const or static array.
	(sigma): Likewise.
	(errpot): Likewise.
	(errpos): Likewise.
	(sy): Likewise.
	(mstat): Likewise.
	(errvals): Likewise.
	(eqstat): Likewise.
	(pol_evaluate): Replace x with log_x argument. All users updated.
	(syndroms): Removed.
	(gauss_solve): Use statically allocated arrays.
	(rs_recover): Likewise.
	Calculate syndroms directly.
	(decode_block): Use statically allocated arrays.
	(grub_reed_solomon_add_redundancy) [TEST]: Fix -DTEST compilation.
	(main) [TEST]: Allow -DTEST -DSTANDALONE.
2012-01-24 14:49:31 +01:00
Vladimir 'phcoder' Serbinenko
31355584f1 * grub-core/lib/reed_solomon.c (grub_reed_solomon_add_redundancy): Add
an assert.
	* util/grub-setup.c (setup): Likewise.
2011-12-23 10:23:41 +01:00
Vladimir 'phcoder' Serbinenko
96f8caf812 * grub-core/lib/reed_solomon.c (decode_block): Allocate on heap and not
stack.
	(encode_block): Likewise.
2011-12-15 19:27:01 +01:00
Vladimir 'phcoder' Serbinenko
ee9c2e7a97 * grub-core/lib/reed_solomon.c (init_powx): Set gf_powx_inv[0] just to
be deterministic.
	(syndroms): Compute 0 syndrom.
	(rs_recover): Use 0 syndrom.
2011-12-15 02:20:21 +01:00
Vladimir 'phcoder' Serbinenko
c30be3b694 Make Reed-Solomon faster by using power of generator representation of
GF(256)*.

	* grub-core/lib/reed_solomon.c (grub_uint16_t) [TEST]: Removed.
	(gf_double_t): Likewise.
	(gf_invert): Removed.
	(gf_powx): New array.
	(gf_powx_inv): Likewise.
	(scratch): Move higher.
	(gf_reduce): Removed.
	(gf_mul): Use powx.
	(gf_invert): Likewise.
	(init_inverts): Replaced with ...
	(init_powx): ...this. All users updated.
	(pol_evaluate): Replace multiplications with additions.
	(rs_encode): Likewise.
	(gauss_eliminate): Call gf_invert.
	(grub_reed_solomon_add_redundancy): Call init_powx.
	(grub_reed_solomon_recover): Call init_powx unconditionally.
2011-11-13 14:48:19 +01:00
Vladimir 'phcoder' Serbinenko
f646e14309 * grub-core/lib/reed_solomon.c (gf_invert): Declare as const and
save some space.
	* include/grub/offsets.h (GRUB_KERNEL_I386_PC_RAW_SIZE): Decrease.
	(GRUB_KERNEL_I386_PC_NO_REED_SOLOMON_PART): Likewise.
2011-10-23 23:55:38 +02:00
Vladimir 'phcoder' Serbinenko
e061a1b537 * grub-core/lib/reed_solomon.c (rs_recover) [STANDALONE]:
Prevent memory leak.
2011-06-23 20:58:35 +02:00
Vladimir 'phcoder' Serbinenko
1abe47dc99 * grub-core/lib/reed_solomon.c (rs_recover): Prevent memory leak.
(main): Close file.
2011-06-23 20:55:36 +02:00
Vladimir 'phcoder' Serbinenko
a0159f370d * grub-core/lib/reed_solomon.c (grub_reed_solomon_add_redundancy):
Prevent overflow.
	(grub_reed_solomon_recover): Likewise.
2011-01-04 15:39:59 +01:00
Vladimir 'phcoder' Serbinenko
e5146ca18b * grub-core/lib/reed_solomon.c (main) [TEST]: Reactivate normal test. 2011-01-04 15:37:10 +01:00
Vladimir 'phcoder' Serbinenko
956384994b * grub-core/lib/reed_solomon.c (scratch) [! STANDALONE]: Remove leftover
variable.
2011-01-04 15:35:10 +01:00
Vladimir 'phcoder' Serbinenko
c76386454e Avoid using Reed-Solomon with 0 redundancy.
* grub-core/kern/i386/pc/startup.S: Remove 0-data check.
	* grub-core/lib/reed_solomon.c (decode_block): Do not proceed on 0 data
	or 0 redundancy.
	(grub_reed_solomon_add_redundancy): Do not proceed with 0 redundancy.
	(grub_reed_solomon_recover): Likewise.
2010-12-27 07:09:43 +01:00
Colin Watson
20641b6baa * grub-core/lib/reed_solomon.c (gauss_solve): Fix size of standalone
scratch area.  Make sure to initialise chosen in standalone mode as
well as non-standalone.
Reported by: Robert Hooker and Andy Whitcroft.
Tested by: Andy Whitcroft.
2010-12-21 16:51:08 +00:00
Vladimir 'phcoder' Serbinenko
53c9e7798c Remove debug printf 2010-09-25 21:42:36 +02:00
Vladimir 'phcoder' Serbinenko
3ac9e79207 Multiple bugs correction for Reed-Solomon 2010-09-25 20:40:26 +02:00
Vladimir 'phcoder' Serbinenko
419cbeb06d hook Reed-Solomon into startup.S 2010-09-25 19:33:05 +02:00
Renamed from util/reed_solomon.c (Browse further)