vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
9960 commits 7 branches 0 tags 73 MiB
Commit graph

29 commits

Author SHA1 Message Date
Daniel Kiper
89f3da1a3d font: Do not load more than one NAME section 
The GRUB font file can have one NAME section only. Though if somebody
crafts a broken font file with many NAME sections and loads it then the
GRUB leaks memory. So, prevent against that by loading first NAME
section and failing in controlled way on following one.

Reported-by: Chris Coulson <chris.coulson@canonical.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
 2020-07-29 16:55:48 +02:00
Peter Jones
3f05d693d1 malloc: Use overflow checking primitives where we do complex allocations 
This attempts to fix the places where we do the following where
arithmetic_expr may include unvalidated data:

  X = grub_malloc(arithmetic_expr);

It accomplishes this by doing the arithmetic ahead of time using grub_add(),
grub_sub(), grub_mul() and testing for overflow before proceeding.

Among other issues, this fixes:
  - allocation of integer overflow in grub_video_bitmap_create()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_squash_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_ext2_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in read_section_as_string()
    reported by Chris Coulson.

Fixes: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
 2020-07-29 16:55:47 +02:00
Peter Jones
f725fa7cb2 calloc: Use calloc() at most places 
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
 2020-07-29 16:55:47 +02:00
Vladimir Serbinenko
ca0a4f689a verifiers: File type for fine-grained signature-verification controlling 
Let's provide file type info to the I/O layer. This way verifiers
framework and its users will be able to differentiate files and verify
only required ones.

This is preparatory patch.

Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
 2018-11-09 13:25:31 +01:00
Vladimir Serbinenko
9ee5ae1fae Document intentional fallthroughs. 
Found by: Coverity scan.
 2015-01-27 17:17:58 +01:00
Vladimir Serbinenko
dd430afbf8 font: Add missing free. 
Found by: Coverity Scan.
 2015-01-24 21:55:18 +01:00
Vladimir Serbinenko
6f07c4e407 Pass font config to config.h and not by TARGET_CFLAGS as adding 
arguments doesn't work if TARGET_CFLAGS is specified on command
	line.
 2013-12-04 10:25:53 +01:00
Vladimir 'phcoder' Serbinenko
ccfc0bdb53 Fix typo (failback vs fallback). 2013-06-07 15:35:16 +02:00
Vladimir 'phcoder' Serbinenko
fc4c4fddf6 Detach optional parts of gfxterm and integrate in with coreboot init. 2013-05-31 00:42:33 +02:00
Vladimir 'phcoder' Serbinenko
b8323067e8 * grub-core/font/font.c, include/grub/font.h: Inline simple font 
functions.
 2013-05-30 21:58:24 +02:00
Vladimir 'phcoder' Serbinenko
c5b7697bbb * grub-core/font/font.c: Use grub_dprintf for debug statements rather 
than printf.
 2013-05-07 11:26:15 +02:00
Vladimir 'phcoder' Serbinenko
85002bf34a Agglomerate more mallocs to speed-up gfxterm. 2013-05-04 22:23:23 +02:00
Vladimir 'phcoder' Serbinenko
82ae74d7bd * grub-core/font/font.c (grub_font_construct_glyph): Fix memory leak. 2013-05-04 13:11:57 +02:00
Vladimir 'phcoder' Serbinenko
a79b8a1584 Merge powerpc grub-mkrescue flavour with common. Use xorriso HFS+ 
feature for it.
 2013-04-11 23:15:26 +02:00
Colin Watson
d44892fed9 * grub-core/font/font.c (blit_comb: do_blit): Make static instead of 
nested.
(blit_comb: add_device_width): Likewise.
 2013-01-21 21:03:26 +00:00
Vladimir 'phcoder' Serbinenko
4e5a96b02e Remove dor on i and j when combining with above diacritics. 
* include/grub/unicode.h (GRUB_UNICODE_DOTLESS_LOWERCASE_I): New enum
	value.
	(GRUB_UNICODE_DOTLESS_LOWERCASE_J): Likewise.
	* grub-core/font/font.c (grub_font_construct_dry_run): Replace i and j
	with dotless variants when any combining above is present.
 2012-06-11 00:20:55 +02:00
Vladimir 'phcoder' Serbinenko
0a2d5a8275 * grub-core/font/font.c (blit_comb): Handle dagesh somewhat. 2012-04-01 21:27:17 +02:00
Vladimir 'phcoder' Serbinenko
036985b8ce Remove grub_{modname}_init and grub_{modname}_fini. They should never 
be used directly if it's really a module and GRUB_MOD_INIT shouldn't
	be used on non-modules.

	* grub-core/commands/boot.c (GRUB_MOD_INIT) [LOONGSON || QEMU_MIPS]:
	Rename to grub_boot_init.
	(GRUB_MOD_FINI) [LOONGSON || QEMU_MIPS]: Rename to grub_boot_fini.
	* grub-core/commands/keylayouts.c (GRUB_MOD_INIT)
	[LOONGSON || QEMU_MIPS]: Rename to grub_keylayouts_init.
	(GRUB_MOD_FINI) [LOONGSON || QEMU_MIPS]: Rename to grub_keylayouts_fini.
	* grub-core/font/font_cmd.c (GRUB_MOD_INIT)
	[LOONGSON || QEMU_MIPS]: Rename to grub_font_init.
	(GRUB_MOD_FINI) [LOONGSON || QEMU_MIPS]: Rename to grub_font_fini.
	* grub-core/kern/mips/loongson/init.c: Replace explicit protos with
	includes.
	(grub_machine_init): Remove empty inits.
	* grub-core/kern/mips/qemu_mips/init.c: Replace explicit protos with
	includes.
	(grub_machine_init): Remove empty inits.
	* grub-core/term/arc/console.c: Remove explicit proto.
	* grub-core/term/at_keyboard.c (GRUB_MOD_INIT)
	[LOONGSON || QEMU_MIPS]: Rename to grub_at_keyboard_init.
	(GRUB_MOD_FINI) [LOONGSON || QEMU_MIPS]: Rename to
	grub_at_keyboard_fini.
	* grub-core/term/gfxterm.c (GRUB_MOD_INIT)
	[LOONGSON || QEMU_MIPS]: Rename to grub_gfxterm_init.
	(GRUB_MOD_FINI) [LOONGSON || QEMU_MIPS]: Rename to
	grub_gfxterm_fini.
	* grub-core/term/i386/pc/vga_text.c (GRUB_MOD_INIT)
	[LOONGSON || QEMU_MIPS]: Rename to grub_vgatext_init.
	(GRUB_MOD_FINI) [LOONGSON || QEMU_MIPS]: Rename to
	grub_vgatext_fini.
	* grub-core/term/ieee1275/console.c: Remove explicit proto.
	* grub-core/term/serial.c (GRUB_MOD_INIT)
	[LOONGSON || QEMU_MIPS]: Rename to grub_serial_init.
	(GRUB_MOD_FINI) [LOONGSON || QEMU_MIPS]: Rename to
	grub_serial_fini.
	* grub-core/term/terminfo.c (GRUB_MOD_INIT)
	[LOONGSON || QEMU_MIPS]: Rename to grub_terminfo_init.
	(GRUB_MOD_FINI) [LOONGSON || QEMU_MIPS]: Rename to
	grub_terminfo_fini.
	* grub-core/video/bitmap.c (GRUB_MOD_INIT): Removed.
	(GRUB_MOD_FINI): Likewise.
	* grub-core/video/radeon_fuloong2e.c (GRUB_MOD_INIT)
	[LOONGSON]: Rename to grub_video_radeon_fuloong2e_init.
	(GRUB_MOD_FINI) [LOONGSON]: Rename to
	grub_video_radeon_fuloong2e_fini.
	* grub-core/video/sis315pro.c (GRUB_MOD_INIT)
	[LOONGSON]: Rename to grub_video_sis315pro_init.
	(GRUB_MOD_FINI) [LOONGSON]: Rename to
	grub_video_sis315pro_fini.
	* grub-core/video/sm712.c (GRUB_MOD_INIT)
	[LOONGSON]: Rename to grub_video_sm712_init.
	(GRUB_MOD_FINI) [LOONGSON]: Rename to
	grub_video_sm712_fini.
	* include/grub/at_keyboard.h (grub_at_keyboard_init): New proto.
	(grub_at_keyboard_fini): Likewise.
	* include/grub/dl.h (GRUB_MOD_INIT) [!GRUB_UTIL && !EMU]:
	Don't declare grub_{modname}_init.
	(GRUB_MOD_INIT) [!GRUB_UTIL && !EMU]: Don't declare grub_{modname}_fini.
	* include/grub/keyboard_layouts.h (grub_keylayouts_init) [!EMU]:
	New proto.
	(grub_keylayouts_fini) [!EMU]: Likewise.
	* include/grub/serial.h (grub_serial_init) [!EMU]:
	New proto.
	(grub_serial_fini) [!EMU]: Likewise.
	* include/grub/terminfo.h (grub_terminfo_init) [!EMU]:
	New proto.
	(grub_terminfo_fini) [!EMU]: Likewise.
	* include/grub/video.h (grub_font_init) [!EMU]:
	New proto.
	(grub_font_fini) [!EMU]: Likewise.
	(grub_gfxterm_init) [!EMU]: Likewise.
	(grub_gfxterm_fini) [!EMU]: Likewise.
	(grub_video_sm712_init) [!EMU]: Likewise.
	(grub_video_sm712_fini) [!EMU]: Likewise.
	(grub_video_sis315pro_init) [!EMU]: Likewise.
	(grub_video_sis315pro_fini) [!EMU]: Likewise.
	(grub_video_radeon_fuloong2e_init) [!EMU]: Likewise.
	(grub_video_radeon_fuloong2e_fini) [!EMU]: Likewise.
 2012-02-27 00:28:45 +01:00
Vladimir 'phcoder' Serbinenko
274416e82f * grub-core/font/font.c (grub_font_load): Add support for default 
path for fonts ($prefix/fonts).
	* grub-core/kern/corecmd.c (grub_core_cmd_insmod): Unify condition
	for checking if string is a path.
	* grub-core/normal/main.c (features): Add feature_default_font_path.
	* util/grub-mkconfig.in: Skip mangling of GRUB_FONT into GRUB_FONT_PATH.
	* util/grub.d/00_header.in: Use default directory if possible.
	* util/grub-install.in: Install unicode.pf2.
 2012-02-24 11:18:06 +01:00
Vladimir 'phcoder' Serbinenko
ebcecdf1c3 Increase warning level. 
* conf/Makefile.common (CFLAGS_GNULIB): Add -Wno-redundant-decls
	-Wno-unreachable-code -Wno-conversion -Wno-old-style-definition.
	* configure.ac (HOST_CFLAGS): Add bunch of -W arguments.
	(TARGET_CFLAGS): Likewise.
	(HOST_CFLAGS): Add -Werror unless --disable-werror is activated.
	* grub-core/Makefile.core.def (decompressor_xz): Add
	-Wno-unreachable-code.
	(normal): Add -Wno-redundant-decls.
	(xzio): Add -Wno-unreachable-code.
	(lzopio): Add -Wno-redundant-decls -Wno-error.
	* grub-core/commands/acpi.c: Add exception to -Wcast-align.
	* grub-core/commands/lsacpi.c: Add exception to -Wcast-align.
	* grub-core/gensymlist.sh: Add exception to -Wmissing-format-attribute.
	* grub-core/kern/dl.c: Add exception to -Wcast-align.
	* grub-core/kern/efi/efi.c (grub_efi_modules_addr): Likewise.
	* grub-core/kern/i386/coreboot/init.c: Add exception to
	-Wsuggest-attribute=noreturn.
	* grub-core/kern/ia64/dl.c: Add exception to -Wcast-align.
	* grub-core/kern/ia64/dl_helper.c: Likewise.
	* grub-core/kern/mips/dl.c: Likewise.
	* grub-core/kern/sparc64/dl.c: Likewise.
	* grub-core/lib/LzmaEnc.c: Add exception to -Wshadow.
	* grub-core/lib/libgcrypt_wrap/cipher_wrap.h (memcpy): Likewise.
	(memcmp): Likewise.
	* grub-core/lib/pbkdf2.c: Add exception to -Wunreachable-code.
	* grub-core/loader/ia64/efi/linux.c: Add exception to -Wcast-align.
	* grub-core/loader/mips/linux.c: Likewise.
	* grub-core/loader/multiboot_elfxx.c: Likewise.
	* grub-core/script/parser.y: Add exception to -Wunreachable-code.
	* grub-core/video/sm712.c: Add exception to -Wcast-align.
	* util/import_gcry.py: Add -Wno-cast-align to modules checked by hand.
	* grub-core/font/font.c (grub_font_loader_init): Add explicit cast and
	fixme.
	* grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Likewise.
	* grub-core/kern/i386/multiboot_mmap.c (grub_machine_mmap_init):
	Fix prototype.
 2012-02-10 16:48:48 +01:00
Vladimir 'phcoder' Serbinenko
9c4b5c13e6 Improve gettext support. Stylistic fixes and error handling fixes while 
on it.
 2012-02-08 19:26:01 +01:00
Vladimir 'phcoder' Serbinenko
7a45a539db Don't override more informative errors. 
* grub-core/commands/acpi.c (grub_cmd_acpi): Don't override errors.
	* grub-core/font/font.c (open_section): Likewise.
	* grub-core/loader/i386/bsd.c (grub_bsd_load_aout): New argument
	filename. Don't override errors.
	(grub_cmd_openbsd_ramdisk): Don't override errors.
	* grub-core/loader/i386/linux.c (grub_cmd_linux): Likewise.
	(grub_cmd_initrd): Likewise.
	* grub-core/loader/i386/pc/linux.c (grub_cmd_linux): Likewise.
	(grub_cmd_initrd): Likewise.
	* grub-core/loader/ia64/efi/linux.c (grub_load_elf64): Likewise.
	(grub_cmd_linux): Likewise.
	(grub_cmd_initrd): Likewise.
	(grub_cmd_payload): Likewise.
	* grub-core/loader/mips/linux.c (grub_cmd_initrd): Likewise.
	* grub-core/loader/multiboot.c (grub_cmd_multiboot): Likewise.
	(grub_cmd_module): Likewise.
	* grub-core/loader/powerpc/ieee1275/linux.c (grub_cmd_initrd): Likewise.
	* grub-core/loader/sparc64/ieee1275/linux.c (grub_cmd_initrd): Likewise.
	* grub-core/loader/xnu.c (grub_xnu_load_driver): Likewise.
	(grub_cmd_xnu_mkext): Likewise.
	(grub_cmd_xnu_ramdisk): Likewise.
	(grub_xnu_check_os_bundle_required): Likewise.
	(grub_xnu_load_kext_from_dir): Likewise.
	(grub_cmd_xnu_kextdir): Likewise.
	* grub-core/loader/xnu_resume.c (grub_xnu_resume): Likewise.
 2011-12-26 12:58:08 +01:00
Vladimir 'phcoder' Serbinenko
6e0632e28c * grub-core/commands/acpihalt.c: Gettextized. 
* grub-core/commands/cacheinfo.c: Likewise.
	* grub-core/commands/cmp.c: Likewise.
	* grub-core/commands/efi/loadbios.c: Likewise.
	* grub-core/commands/gptsync.c: Likewise.
	* grub-core/commands/ieee1275/suspend.c: Likewise.
	* grub-core/commands/legacycfg.c: Likewise.
	* grub-core/commands/memrw.c: Likewise.
	* grub-core/commands/minicmd.c: Likewise.
	* grub-core/commands/parttool.c: Likewise.
	* grub-core/commands/time.c: Likewise.
	* grub-core/commands/videoinfo.c: Likewise.
	* grub-core/disk/geli.c: Likewise.
	* grub-core/disk/i386/pc/biosdisk.c: Likewise.
	* grub-core/disk/luks.c: Likewise.
	* grub-core/disk/lvm.c: Likewise.
	* grub-core/font/font_cmd.c: Likewise.
	* grub-core/fs/zfs/zfscrypt.c: Likewise.
	* grub-core/fs/zfs/zfsinfo.c: Likewise.
	* grub-core/gfxmenu/view.c: Likewise.
	* grub-core/kern/emu/hostdisk.c: Likewise.
	* grub-core/kern/emu/main.c: Likewise.
	* grub-core/kern/emu/misc.c: Likewise.
	* grub-core/kern/emu/mm.c: Likewise.
	* grub-core/kern/mips/arc/init.c: Likewise.
	* grub-core/kern/mips/loongson/init.c: Likewise.
	* grub-core/kern/partition.c: Likewise.
	* grub-core/lib/i386/halt.c: Likewise.
	* grub-core/lib/mips/arc/reboot.c: Likewise.
	* grub-core/lib/mips/loongson/reboot.c: Likewise.
	* grub-core/loader/i386/pc/chainloader.c: Likewise.
	* grub-core/loader/i386/xnu.c: Likewise.
	* grub-core/loader/multiboot.c: Likewise.
	* grub-core/net/bootp.c: Likewise.
	* grub-core/net/net.c: Likewise.
	* grub-core/normal/term.c: Likewise.
	* grub-core/partmap/bsdlabel.c: Likewise.
	* grub-core/parttool/msdospart.c: Likewise.
	* grub-core/term/gfxterm.c: Likewise.
	* grub-core/term/terminfo.c: Likewise.
	* grub-core/video/i386/pc/vbe.c: Likewise.
	* util/grub-menulst2cfg.c: Likewise.
	* util/grub-mkdevicemap.c: Likewise.
	* util/grub-mklayout.c: Likewise.
	* util/grub-mkrelpath.c: Likewise.
	* util/grub-script-check.c: Likewise.
	* util/ieee1275/grub-ofpathname.c: Likewise.
	* util/resolve.c: Likewise.
 2011-11-11 21:44:56 +01:00
Vladimir 'phcoder' Serbinenko
df067ad13a * grub-core/efiemu/mm.c (grub_efiemu_mmap_fill): Change printf into 
dprintf.
	* grub-core/font/font.c (grub_font_load): Likewise.
 2011-11-11 20:59:25 +01:00
Vladimir 'phcoder' Serbinenko
b25db21885 * grub-core/font/font_cmd.c (loadfont_command): Set grub_errno 
on error if not already done.
 2011-05-14 22:29:27 +02:00
Vladimir 'phcoder' Serbinenko
25a4533875 Fix few potential memory misusage. 
* grub-core/font/font.c (load_font_index): Don't free char_index to
	avoid double free.
 2011-05-14 22:26:52 +02:00
Vladimir 'phcoder' Serbinenko
e745cf0ca6 Implement automatic module license checking according to new GNU 
guidelines.

	* grub-core/kern/dl.c (grub_dl_check_license): New function.
	(grub_dl_load_core): Use grub_dl_check_license.
	* include/grub/dl.h (GRUB_MOD_SECTION): New macro.
	(GRUB_MOD_LICENSE): Likewise.
	(GRUB_MOD_DUAL_LICENSE): Likewise.
	All modules updated.
 2011-04-11 23:01:51 +02:00
BVK Chaitanya
297f0c2b6e merge with mainline 2010-07-13 00:43:28 +05:30
BVK Chaitanya
8c41176882 automake commit without merge history 2010-05-06 11:34:04 +05:30