Commit graph

3698 commits

Author SHA1 Message Date
Andrei Borzenkov
ebb3d958aa fix memory corruption in pubkey filter over network
grub_pubkey_open closed original file after it was read; it set
io->device to NULL to prevent grub_file_close from trying to close device.
But network device itself is stacked (net -> bufio); and bufio preserved
original netfs file which hold reference to device. grub_file_close(io)
called grub_bufio_close which called grub_file_close for original file.
grub_file_close(netfs-file) now also called grub_device_close which
freed file->device->net. So file structure returned by grub_pubkey_open
now had device->net pointed to freed memory. When later file was closed,
it was attempted to be freed again.

Change grub_pubkey_open to behave like other filters - preserve original
parent file and pass grub_file_close down to parent. In this way only the
original file will close device. We really need to move this logic into
core instead.

Also plug memory leaks in error paths on the way.

Reported-By: Robert Kliewer <robert.kliewer@gmail.com>
Closes: bug #43601
2014-12-05 21:17:08 +03:00
Andrei Borzenkov
3173c7501c grub-core/loader/i386/xen_fileXX.c: memory leak in grub_xen_get_infoXX
CID: 73645, 73782
2014-12-01 21:23:54 +03:00
Andrei Borzenkov
03d79a878b grub-core/fs/zfs/zfsinfo.c: memory leak in print_vdev_info
CID: 73635
2014-12-01 20:54:12 +03:00
Andrei Borzenkov
dbbac5a04c grub-core/lib/syslinux_parse.c: do not free array
say->msg is inline array in a structure and should not be freed.
CID: 73610
2014-11-30 18:49:14 +03:00
Andrei Borzenkov
343dad410e grub-core/disk/lzopio.c: fix double free in error path
CID: 73665
2014-11-28 22:37:00 +03:00
Andrei Borzenkov
bbbcb791ed grub-core/disk/geli.c: fix memory leaks in error paths
CID: 73813, 73710
2014-11-28 22:23:30 +03:00
Andrei Borzenkov
ea44693fc8 grub-core/disk/luks.c: fix use after free and memory leaks
configure_ciphers:

- several memory leaks where allocated ciphers were not freed. CID: 73813,
73710

- use after free. It is probably quite innocent as grub is single threaded,
but could potentially be a problem with memory allocator debugger turned on.
CID: 73730

luks_recover_key:

- memory leak. CID: 73854
2014-11-28 21:12:00 +03:00
Michael Chang
7c4b6b7bb4 send router solicitation for ipv6 address autoconf v2
Many routers have long router advertisment interval configured by
default. The Neighbor Discovery protocol (RFC4861) has defined default
MaxRtrAdvInterval value as 600 seconds and
MinRtrAdvInterval as 0.33*MaxRtrAdvInterval. This makes
net_ipv6_autoconf fails more often than not as currently it passively
listens the RA message to perfom address autoconfiguration.

This patch tries to send router solicitation to overcome the problem of
long RA interval.

v2:
use cpu_to_be macro for network byte order conversion
add missing error handling
2014-11-28 20:21:34 +03:00
Leif Lindholm
004a2b1efd efi: check *path non-null before grub_strrchr
The EFI version of grub_machine_get_bootlocation crops the boot image
name back to the last / in order to get a directory path. However, it
does not check that *name is actually set before calling grub_strrchr
to do this, and neither does grub_strrchr before dereferencing a NULL
pointer.

Parent function, grub_set_prefix_and_root, does check the pointer
before using.
2014-11-17 14:11:01 +00:00
Michael Chang
72ec399ad8 icmp6 fix no respond to neighbor solicit message
The structure size used in grub_netbuff_pull to get the pointer to
option header is apparently wrong, which leads to subsequent range check
failed and therefore not responding to any neighbor solicit message in my
testing.
2014-11-03 20:03:04 +03:00
Andrei Borzenkov
9a67e1ac8e Use full initializer for initrd_ctx to avoid fatal warnings with older GCC
struct ... foo = { 0, } is valid initializer, but older GCC emits
warning which is fatal error due to -Werror=missing-field-initializer.
So simply use full initializer to avoid these errors. This was fixed
probably in GCC 4.7.

See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=36750
2014-10-14 20:12:15 +04:00
Andrey Borzenkov
954fe77163 cleanup: grub_cpu_to_XXX_compile_time for constants
This tries to catch all cases where grub_cpu_to_XXX was used for constant
expressions (including sizeof).
2014-09-22 20:47:10 +04:00
Valentin Dornauer
0f1f95c7b7 ACPIhalt: Add more ACPI opcodes.
The AML parser implements only a small subset of possible AML
	opcodes. On the Fujitsu Lifebook E744 this and another bug in
	the parser (incorrect handling of TermArg data types) would lead
	to the laptop not turning off (_S5 not found).

	* grub-core/commands/acpihalt.c: Support OpAlias in the AML parser;
	in skip_ext_op(), handle some Type2Opcodes more correctly (TermArgs
	aren't always simply strings!); Add function to skip TermArgs
	* include/grub/acpi.h: Add new opcodes
2014-09-21 18:58:14 +02:00
Vladimir Serbinenko
41c6f91fce * grub-core/normal/main.c: Don't drop to rescue console in
case of password-protected prompt and no menu entries.
2014-09-21 18:51:09 +02:00
Vladimir Serbinenko
7c378c3964 * grub-core/commands/keylayouts.c: Ignore unknown keys. 2014-09-21 18:49:49 +02:00
Vladimir Serbinenko
2988a849fc * grub-core/gmodule.pl.in: Accept newer binutils which output
empty column rather than 0x0.
2014-09-21 18:23:23 +02:00
Vladimir Serbinenko
5e42618e00 Fix wrong commit 2014-09-21 18:18:03 +02:00
Michael Chang
0aece00c54 * grub-core/osdep/unix/config.c: Remove extraneous comma. 2014-09-21 17:49:13 +02:00
Peter Jones
631a820038 Initialized initrd_ctx so we don't free a random pointer from the stack.
Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
into grub_initrd_close() without grub_initrd_init() being called, and thus
it never clears initrd_ctx->components.  grub_initrd_close() then frees that
address, which is stale data from the stack.  If the stack happens to have a
stale *address* there that matches a recent allocation, then you'll get a
double free later.

So initialize the memory up front.

Signed-off-by: Peter Jones <pjones@redhat.com>
2014-09-21 10:36:42 +04:00
Khem Raj
a276b84046 Fix build with glibc 2.20
* grub-core/kern/emu/hostfs.c: squahes below warning
  warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"

Signed-off-by: Khem Raj <raj.khem@gmail.com>

Upstream-Status: Submitted
2014-09-15 19:59:27 +04:00
Michael Chang
54bd9a0610 Fix incorrect address reference in btrfs
We encountered a weird random kernel initrd unpacking error on btrfs
and finally found it was caused by incorrect address reference in range
check for type GRUB_BTRFS_EXTENT_REGULAR and the entire result is
unpredictable.

This is a quick fix to make the address reference to the
grub_btrfs_extent_data structure correctly, not the pointer variable
to it.

Any suggestions to this patch is welcome.
2014-09-08 11:33:40 +01:00
Colin Watson
2a5a532c00 Support grub-emu on x32 (ILP32 but with x86-64 instruction set)
* configure.ac: Remove -m64 from checks for -mcmodel=large and
-mno-red-zone.  These are always either unnecessary (x86_64-emu) or
already in TARGET_CFLAGS at this point, and they produce incorrect
results when building for x32.
* grub-core/kern/x86_64/dl.c (grub_arch_dl_relocate_symbols): Cast
pointers to Elf64_Xword via grub_addr_t, in order to work on x32.
* include/grub/x86_64/types.h (GRUB_TARGET_SIZEOF_VOID_P,
GRUB_TARGET_SIZEOF_LONG): Define to 4 on x32.
2014-09-07 23:04:50 +01:00
Colin Watson
1de3a48098 * grub-core/kern/mips/arc/init.c (grub_machine_get_bootlocation):
Initialise pend to pacify GCC.
2014-08-25 15:19:48 -07:00
Vladimir Serbinenko
3c05833249 * grub-core/term/at_keyboard.c: Retry probing keyboard if
scancode setup failed.
2014-08-13 23:04:01 +02:00
Vladimir Serbinenko
d1224d209b * grub-core/kern/disk_common.c: Clump disk size to 1EiB. 2014-08-10 11:27:36 +02:00
Vladimir Serbinenko
0af3ae2d8b * grub-core/disk/i386/pc/biosdisk.c (grub_biosdisk_rw): Add
safety to avoid triggerring VirtualBox bug.
2014-08-10 11:27:13 +02:00
Vladimir Serbinenko
33f6ce671f * grub-core/fs/cbfs.c: Don't probe disks of unknow size.
Fixes hang on virtualbox.
2014-08-10 09:50:36 +02:00
Роман Пехов
1f6af2a9f8 * grub-core/commands/loadenv.c (check_blocklists): Fix overlap check. 2014-06-22 03:51:50 +04:00
Stephane Rochoy
15bd333e10 * grub-core/loader/i386/bsd.c (grub_netbsd_boot): Pass pointer to
EFI system table.
2014-06-22 01:35:52 +02:00
Stephane Rochoy
3f3ec8ef44 * grub-core/commands/efi/lsefisystab.c (grub_cmd_lsefisystab): Show
EFI system table physical address.
2014-06-22 01:34:57 +02:00
Vladimir Serbinenko
2c2c5c720d * grub-core/commands/verify.c (grub_pubkey_open): Trust procfs. 2014-06-21 20:11:08 +02:00
Vladimir Serbinenko
480c89858e * grub-core/commands/verify.c (grub_pubkey_open): Fix memdisk
check.
2014-06-21 20:10:48 +02:00
Vladimir Serbinenko
4b8b9135f1 * grub-core/kern/misc.c (__bzero): Don't compile in GRUB_UTIL.
Reported by: Yves Blusseau <blusseau@zetam.org>.
2014-04-20 16:12:41 +02:00
Piotr Krysiuk
5a6db38d62 Allow loading old kernels by placing GDT in conventional memory. 2014-04-20 16:00:55 +02:00
Colin Watson
c4badfe836 Improve LVM "logical_volumes" string matching
* grub-core/disk/lvm.c (grub_lvm_detect): Search for
"logical_volumes" block a little more accurately.
2014-04-10 14:42:41 +01:00
Vladimir Serbinenko
a72fc329eb * grub-core/lib/syslinux_parse.c: Fix timeout quoting. 2014-04-06 00:44:44 +02:00
Vladimir Serbinenko
8063ce197f Replace few instances of memcmp/memcpy in the code that should be grub_memcmp/grub_memcpy. 2014-04-04 07:58:42 +02:00
Vladimir Serbinenko
9706066791 * grub-core/osdep/linux/getroot.c (grub_util_part_to_disk): Support NVMe device names. 2014-04-03 21:31:12 +02:00
Thomas Falcon
4afd0107ef btrfs: fix get_root key comparison failures due to endianness
* grub-core/fs/btrfs.c (get_root): Convert
GRUB_BTRFS_ROOT_VOL_OBJECTID to little-endian.
2014-03-31 15:32:30 +01:00
Colin Watson
24024dac7f Fix partmap, cryptodisk, and abstraction handling in grub-mkconfig.
Commit 588744d0dc caused grub-mkconfig
no longer to be forgiving of trailing spaces on grub-probe output
lines, which among other things means that util/grub.d/10_linux.in
no longer detects LVM.  To fix this, make grub-probe's output
delimiting more consistent.  As a bonus, this improves the coverage
of the -0 option.

Fixes Debian bug #735935.

* grub-core/disk/cryptodisk.c
(grub_util_cryptodisk_get_abstraction): Add a user-data argument.
* grub-core/disk/diskfilter.c (grub_diskfilter_get_partmap):
Likewise.
* include/grub/cryptodisk.h (grub_util_cryptodisk_get_abstraction):
Update prototype.
* include/grub/diskfilter.h (grub_diskfilter_get_partmap): Likewise.
* util/grub-install.c (push_partmap_module, push_cryptodisk_module,
probe_mods): Adjust for extra user-data arguments.
* util/grub-probe.c (do_print, probe_partmap, probe_cryptodisk_uuid,
probe_abstraction): Use configured delimiter.  Update callers.
2014-03-31 14:48:46 +01:00
Vladimir Serbinenko
46b74dd3cb * grub-core/lib/relocator.c: Fix the case when end of leftover is used. 2014-03-26 08:48:30 +01:00
Fu Wei
68f17b2b30 * grub-core/loader/arm64/linux.c: Remove redundant "0x". 2014-03-26 08:13:07 +01:00
Nikunj A Dadhania
e4a1fe3919 ieee1275: check for IBM pseries emulated machine
is_qemu is not being set lead to disabling of feature like
GRUB_IEEE1275_FLAG_HAS_CURSORONOFF. This resulted in cursor not being
displayed during the grub-menu edit.

Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
2014-03-24 15:44:33 +00:00
Vladimir Serbinenko
86402b4e0f * include/grub/i386/openbsd_bootarg.h: Add addr and frequency fields.
* grub-core/loader/i386/bsd.c (grub_cmd_openbsd): Fill addr field.

	Suggested by: Markus Müller.
2014-02-28 10:50:05 +01:00
Vladimir Serbinenko
bec35dad2a * grub-core/kern/i386/pc/mmap.c: Fallback to EISA memory map
if E820 failed to return any regions.
2014-02-28 10:07:11 +01:00
Vladimir Serbinenko
dfc5ccfa97 * grub-core/mmap/i386/uppermem.c (lower_hook) [COREBOOT]: Ignore low
tables for low memory calculations.
2014-02-28 09:50:47 +01:00
Vladimir Serbinenko
4a70fed815 * grub-core/loader/i386/multiboot_mbi.c (grub_multiboot_make_mbi): Limit
location to 640K.
2014-02-28 09:48:57 +01:00
Vladimir Serbinenko
f94b2b4eeb * grub-core/kern/i386/coreboot/mmap.c: Filter out 0xa0000-0x100000
region.
2014-02-28 09:47:57 +01:00
Vladimir Serbinenko
d0949e3747 * grub-core/disk/ahci.c: Ignore NPORTS field and rely on PI
exclusively.
2014-02-20 10:11:43 +01:00
Paulo Flabiano Smorigo
9585647a25 add bootpath parser for open firmware
It enables net boot even when there is no bootp/dhcp server.

* grub-core/net/drivers/ieee1275/ofnet.c: Add grub_ieee1275_parse_bootpath and
call it at grub_ieee1275_net_config_real.
* grub-core/kern/ieee1275/init.c: Add bootpath to grub_ieee1275_net_config.
* include/grub/ieee1275/ieee1275.h: Likewise.
2014-02-04 19:02:16 -02:00