Commit graph

38 commits

Author SHA1 Message Date
Peter Jones
2a1edcf2ed iso9660: Don't leak memory on realloc() failures
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:48 +02:00
Peter Jones
3f05d693d1 malloc: Use overflow checking primitives where we do complex allocations
This attempts to fix the places where we do the following where
arithmetic_expr may include unvalidated data:

  X = grub_malloc(arithmetic_expr);

It accomplishes this by doing the arithmetic ahead of time using grub_add(),
grub_sub(), grub_mul() and testing for overflow before proceeding.

Among other issues, this fixes:
  - allocation of integer overflow in grub_video_bitmap_create()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_squash_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_ext2_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in read_section_as_string()
    reported by Chris Coulson.

Fixes: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
Peter Jones
f725fa7cb2 calloc: Use calloc() at most places
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
Vladimir Serbinenko
ad4bfeec5c Change fs functions to add fs_ prefix
This avoid conflict with gnulib

Signed-off-by: Vladimir Serbinenko <phcoder@google.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-04-09 10:03:29 +10:00
Aaron Luft
76eac44af3 Remove the variable oldname which is attempting to free stack space.
Historically this variable hold previous value of filename that
had to be freed if allocated previously. Currently this branch
is entered only if filename was not allocated previously so it
became redundant. It did not cause real problems because grub_free
was not called, but code is confusing and causes compilation error
in some cases.
2016-03-15 22:04:38 +03:00
Vladimir Serbinenko
ac602ce700 grub_iso9660_read: Explicitly check read_node return value.
Not really needed as grub_errno is already checked but is nicer.

Found by: Coverity scan.
2015-01-25 20:32:31 +01:00
Vladimir Serbinenko
7e47e27bd8 Add gcc_struct to all packed structures when compiling with mingw.
Just "packed" doesn't always pack the way we expect.
2013-12-15 14:14:30 +01:00
Vladimir Serbinenko
2a8a75855c * grub-core/fs/iso9660.c: Replace strncat with memcpy.
* include/grub/misc.h: Remove strncat.
	* grub-core/lib/posix_wrap/string.h: Likewise.
2013-10-26 12:49:51 +02:00
Vladimir 'phcoder' Serbinenko
9c12ac9773 * grub-core/fs/iso9660.c: Remove variable length arrays.
Increases iso9660.mod by 200 bytes (but decreases by 79 compressed when
	compressed).
2013-10-20 16:21:02 +02:00
Andrey Borzenkov
81455e8e7a * grub-core/fs/iso9660.c (add_part): Remove always_inline attribute
causing gcc error with gcc 4.7.1.
2013-03-07 09:11:36 +01:00
Vladimir 'phcoder' Serbinenko
99373ce472 * grub-core/fs/iso9660.c: Remove nested functions. 2013-02-28 10:30:35 +01:00
Colin Watson
4eb8b75659 Remove nested functions from disk and file read hooks.
* include/grub/disk.h (grub_disk_read_hook_t): New type.
	(struct grub_disk): Add read_hook_data member.
	* include/grub/file.h (struct grub_file): Likewise.
	* include/grub/fshelp.h (grub_fshelp_read_file): Add read_hook_data
	argument.

	Update all callers.
2013-02-27 17:19:15 +01:00
Colin Watson
fc524edf65 Remove nested functions from filesystem directory iterators.
* include/grub/fs.h (grub_fs_dir_hook_t): New type.
(struct grub_fs.dir): Add hook_data argument.

Update all implementations and callers.
2013-01-21 01:33:46 +00:00
Vladimir 'phcoder' Serbinenko
dadddb7665 * grub-core/fs/iso9660.c (grub_iso9660_susp_iterate): Avoid hang if
entry->len = 0.
2013-01-03 21:27:00 +01:00
Vladimir 'phcoder' Serbinenko
47e297d4a4 * grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Don't skip "." and
"..".
2012-05-27 00:58:48 +02:00
Vladimir 'phcoder' Serbinenko
aa78f5c4e6 * grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Mark plain
ISO9660 names as case-insensitive, lowercase it and remove trailing dot.
2012-05-18 12:51:02 +02:00
Vladimir 'phcoder' Serbinenko
8ad3f28cec * grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Don't strrchr
through UTF-16.
2012-05-17 13:47:23 +02:00
Vladimir 'phcoder' Serbinenko
742d2be63a * grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Fix symlink
handling.
2012-05-10 23:35:03 +02:00
Anton Blanchard
255818026e * grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Do not byteswap
8 bit values.
2012-03-31 12:08:50 +02:00
Vladimir 'phcoder' Serbinenko
e1e49678b9 * util/grub-install.in: Clarify strings.
Fix source dir check.
2012-02-27 21:36:58 +01:00
Vladimir 'phcoder' Serbinenko
ebcecdf1c3 Increase warning level.
* conf/Makefile.common (CFLAGS_GNULIB): Add -Wno-redundant-decls
	-Wno-unreachable-code -Wno-conversion -Wno-old-style-definition.
	* configure.ac (HOST_CFLAGS): Add bunch of -W arguments.
	(TARGET_CFLAGS): Likewise.
	(HOST_CFLAGS): Add -Werror unless --disable-werror is activated.
	* grub-core/Makefile.core.def (decompressor_xz): Add
	-Wno-unreachable-code.
	(normal): Add -Wno-redundant-decls.
	(xzio): Add -Wno-unreachable-code.
	(lzopio): Add -Wno-redundant-decls -Wno-error.
	* grub-core/commands/acpi.c: Add exception to -Wcast-align.
	* grub-core/commands/lsacpi.c: Add exception to -Wcast-align.
	* grub-core/gensymlist.sh: Add exception to -Wmissing-format-attribute.
	* grub-core/kern/dl.c: Add exception to -Wcast-align.
	* grub-core/kern/efi/efi.c (grub_efi_modules_addr): Likewise.
	* grub-core/kern/i386/coreboot/init.c: Add exception to
	-Wsuggest-attribute=noreturn.
	* grub-core/kern/ia64/dl.c: Add exception to -Wcast-align.
	* grub-core/kern/ia64/dl_helper.c: Likewise.
	* grub-core/kern/mips/dl.c: Likewise.
	* grub-core/kern/sparc64/dl.c: Likewise.
	* grub-core/lib/LzmaEnc.c: Add exception to -Wshadow.
	* grub-core/lib/libgcrypt_wrap/cipher_wrap.h (memcpy): Likewise.
	(memcmp): Likewise.
	* grub-core/lib/pbkdf2.c: Add exception to -Wunreachable-code.
	* grub-core/loader/ia64/efi/linux.c: Add exception to -Wcast-align.
	* grub-core/loader/mips/linux.c: Likewise.
	* grub-core/loader/multiboot_elfxx.c: Likewise.
	* grub-core/script/parser.y: Add exception to -Wunreachable-code.
	* grub-core/video/sm712.c: Add exception to -Wcast-align.
	* util/import_gcry.py: Add -Wno-cast-align to modules checked by hand.
	* grub-core/font/font.c (grub_font_loader_init): Add explicit cast and
	fixme.
	* grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Likewise.
	* grub-core/kern/i386/multiboot_mmap.c (grub_machine_mmap_init):
	Fix prototype.
2012-02-10 16:48:48 +01:00
Vladimir 'phcoder' Serbinenko
9b4baaa4ee * grub-core/fs/iso9660.c (grub_iso9660_convert_string): Make first
argument a u8 pointer. All users updated.
	Handle unaligned buffers.
2011-12-13 16:35:12 +01:00
Vladimir 'phcoder' Serbinenko
dc71319397 * grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Force inlining of
add_part to workaround compiler bug.
2011-12-13 16:33:27 +01:00
Vladimir 'phcoder' Serbinenko
f627652531 Put symlink at the end of the node and fix a potential
memory corruption.

	* grub-core/fs/iso9660.c (grub_fshelp_node): New field have_symlink.
	Make symlink into an array.
	(set_rockridge): Set have_symlink and alloc_dirents.
	(grub_iso9660_read_symlink): Use new layout.
	(grub_iso9660_iterate_dir): Fix memory corruption.
	Use new layout.
	(grub_iso9660_dir): Set have_symlink.
	(grub_iso9660_open): Likewise.
2011-11-10 09:31:06 +01:00
Vladimir 'phcoder' Serbinenko
ad9a2f44b4 * grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Fix grub_strncat
argument (access out of bounds).
2011-11-10 08:16:27 +01:00
Vladimir 'phcoder' Serbinenko
c83a08d84a Fix iso9660 filename limitations and fix memory leaks.
* grub-core/fs/iso9660.c (set_rockridge): Free sua at the end.
	(grub_iso9660_iterate_dir): Fix slash handling in symlinks.
2011-10-30 20:23:05 +01:00
Vladimir 'phcoder' Serbinenko
c39224b052 Prefer rockridge over Joliet.
* grub-core/fs/iso9660.c (grub_iso9660_mount): Move rockridge detection
	to ...
	(set_rockridge): ... here.
	(grub_iso9660_mount): Check rockridge on the primary label when
	discovering. Ignore Joliet if Rockridge is present.
2011-10-28 16:26:17 +02:00
Vladimir 'phcoder' Serbinenko
66b4085033 Fix symlink handling on iso9660.
* grub-core/fs/iso9660.c (grub_fshelp_node): Remove dir_off. Add symlink
	All users updated.
	(grub_iso9660_susp_iterate): Accept zero-size iterate.
	(grub_iso9660_read_symlink): Moved most of code ...
	(grub_iso9660_iterate_dir): ... here. Fill node->symlink.
2011-10-25 21:52:48 +02:00
Vladimir 'phcoder' Serbinenko
e12119495d Support multi-extent iso files.
* grub-core/fs/iso9660.c (grub_iso9660_data): Remove first_sector.
	Add node.
	(grub_fshelp_node): Revamp. All users updated.
	(FLAG_*): New enum.
	(read_node): New function.
	(grub_iso9660_susp_iterate): Use read_node. Receive a node as argument.
	All users updated.
	(grub_iso9660_mount): Don't attempt to read sua when there is none.
	(get_node_size): New function.
	(grub_iso9660_iterate_dir): Use read_node. Agglomerate multi-extent
	entries.
	Fix memory leak on . and ..
	(grub_iso9660_read): Use read_node.
	(grub_iso9660_close): Free node.
2011-10-25 18:18:58 +02:00
Vladimir 'phcoder' Serbinenko
98e2f50661 * grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Skip . and .. 2011-06-24 13:02:49 +02:00
Vladimir 'phcoder' Serbinenko
b756f75f07 Several FS mtime support.
* grub-core/fs/affs.c (grub_affs_time): New struct.
	(grub_affs_file): New field mtime.
	(grub_fshelp_node): Changed 'block' and 'parent' to more appropriate
	type. Removed 'size'. New field 'di'. All users updated.
	(grub_affs_mount): Simplify checsum checking.
	(grub_affs_iterate_dir): New helper grub_affs_create_node.
	(grub_affs_dir): Handle mtime.
	* grub-core/fs/cpio.c (grub_cpio_find_file): Handle mtime.
	(grub_cpio_dir): Likewise.
	* grub-core/fs/hfs.c (grub_hfs_dirrec): New fields 'ctime' and 'mtime'.
	(grub_hfs_filerec): New field mtime.
	(grub_hfs_dir): Handle mtime.
	(grub_hfs_mtime): New function.
	(grub_hfs_fs): Register grub_hfs_mtime.
	* grub-core/fs/iso9660.c (grub_iso9660_date2): New struct.
	(grub_iso9660_dir): New field mtime.
	(grub_fshelp_node): New field dirent.
	(iso9660_to_unixtime): New function.
	(iso9660_to_unixtime2): Likewise.
	(grub_iso9660_read_symlink): Use node->dirent.
	(grub_iso9660_iterate_dir): Likewise.
	(grub_iso9660_dir): Set mtime.
	(grub_iso9660_mtime): New function.
	(grub_iso9660_fs): Register grub_iso9660_mtime.
	* grub-core/fs/jfs.c (grub_jfs_time): New struct.
	(grub_jfs_inode): New fields atime, ctime and mtime.
	(grub_jfs_dir): Set mtime.
	* grub-core/fs/minix.c (grub_minix_dir): Likewise.
	* grub-core/fs/ntfs.c (list_file): Set mtime.
	(grub_ntfs_dir): Likewise.
	* grub-core/fs/reiserfs.c (grub_fshelp_node): New field 'mtime'.
	(grub_reiserfs_iterate_dir): Set mtime.
	(grub_reiserfs_dir): Likewise.
	* grub-core/fs/sfs.c (grub_sfs_obj): New field mtime.
	(grub_fshelp_node): Likewise.
	(grub_sfs_iterate_dir): Set mtime.
	(grub_sfs_dir): Likewise.
	* grub-core/fs/udf.c (grub_udf_dir): Set mtime.
	* grub-core/fs/xfs.c (grub_xfs_time): New struct.
	(grub_xfs_inode): New fields atime, mtime, ctime.
	(grub_xfs_dir): Set mtime.
	* include/grub/datetime.h (grub_datetime2unixtime): New function.
	* include/grub/hfs.h (grub_hfs_sblock): New fields ctime and mtime.
	* include/grub/ntfs.h (grub_fshelp_node): New field mtime.

	Support UDF symlinks.

	* grub-core/fs/udf.c (grub_udf_iterate_dir): Handle symlinks.
	(grub_ufs_read_symlink): New function. All users updated.

	Check amiga partmap checksum.

	* grub-core/partmap/amiga.c (grub_amiga_rdsk): Pad to 128 bytes.
	(grub_amiga_partition): Likewise.
	(amiga_partition_map_checksum): New function.
	(amiga_partition_map_iterate): Check checksum.
2011-05-15 12:23:54 +02:00
Vladimir 'phcoder' Serbinenko
e745cf0ca6 Implement automatic module license checking according to new GNU
guidelines.

	* grub-core/kern/dl.c (grub_dl_check_license): New function.
	(grub_dl_load_core): Use grub_dl_check_license.
	* include/grub/dl.h (GRUB_MOD_SECTION): New macro.
	(GRUB_MOD_LICENSE): Likewise.
	(GRUB_MOD_DUAL_LICENSE): Likewise.
	All modules updated.
2011-04-11 23:01:51 +02:00
Vladimir 'phcoder' Serbinenko
5ee04984d1 * grub-core/fs/iso9660.c (grub_iso9660_label): Rtrim the label. 2011-03-26 14:14:59 +01:00
Vladimir 'phcoder' Serbinenko
f22c12e852 mtime for UDF support 2010-12-10 17:37:32 +01:00
Vladimir 'phcoder' Serbinenko
3b95531920 fix unix range 2010-12-10 15:04:12 +01:00
Vladimir 'phcoder' Serbinenko
c50d99c5e5 file mtime support for iso9660 2010-12-10 11:12:59 +01:00
Vladimir 'phcoder' Serbinenko
a2de6bf6ed filesystem mtime support for iso9660 2010-12-10 10:32:50 +01:00
BVK Chaitanya
8c41176882 automake commit without merge history 2010-05-06 11:34:04 +05:30
Renamed from fs/iso9660.c (Browse further)