Vladimir Serbinenko
ef02b4ca93
multiboot: Simplify to avoid confusing assignment.
...
Found by: Coverity scan.
2015-01-26 09:43:52 +01:00
Vladimir Serbinenko
1e0d718371
bsd: Add missing null-pointer check.
...
Found by: Coverity scan.
2015-01-26 09:42:42 +01:00
Vladimir Serbinenko
49978c5c4f
lib/syslinux_parse: Add missing error check.
...
Found by: Coverity scan.
2015-01-26 09:42:04 +01:00
Vladimir Serbinenko
ca7c1fd6f3
lib/syslinux_parse: Fix memory leak.
...
Found by: Coveriy scan.
2015-01-26 09:41:43 +01:00
Vladimir Serbinenko
aa64393144
lib/syslinux_parse: Add missing alloc check.
...
Found by: Coverity scan.
2015-01-26 09:40:42 +01:00
Vladimir Serbinenko
21f22c7107
i386/pc/mmap: Fix memset size.
...
Found by: Coverity scan.
2015-01-26 09:38:11 +01:00
Vladimir Serbinenko
af0be976bf
gfxmenu/theme_loader: Add missing allos error check.
...
Found by: Coverity scan.
2015-01-26 09:37:39 +01:00
Vladimir Serbinenko
bd74a925e5
gfxmenu/icon_manager: Fix null pointer dereference.
...
Found by: Coverity scan.
2015-01-26 09:37:01 +01:00
Vladimir Serbinenko
a4e33a8b18
fs/ufs: Add missing error check.
...
Found by: Coverity scan.
2015-01-26 09:36:19 +01:00
Vladimir Serbinenko
66baeffc0f
fs/sfs: Fix error check and add sanity check.
...
Found by: Coverity scan.
2015-01-25 20:32:31 +01:00
Vladimir Serbinenko
8c1d086689
fs/reiserfs: Fix sector count overflow.
...
Found by: Coverity scan.
2015-01-25 20:32:31 +01:00
Vladimir Serbinenko
157f9a9cca
fs/ntfs: Add sizes sanity checks.
...
Found by: Coverity scan.
2015-01-25 20:32:31 +01:00
Vladimir Serbinenko
bc0ecd7104
fs/ntfs: Add missing free.
...
Found by: Coverity scan.
2015-01-25 20:32:31 +01:00
Vladimir Serbinenko
ca793e9c05
fs/minix: Fix sector promotion to 64-bit.
...
While on it make GRUB_MINIX_ZONE2SECT into function.
Found by: Coverity scan
2015-01-25 20:32:31 +01:00
Vladimir Serbinenko
ac602ce700
grub_iso9660_read: Explicitly check read_node return value.
...
Not really needed as grub_errno is already checked but is nicer.
Found by: Coverity scan.
2015-01-25 20:32:31 +01:00
Andrei Borzenkov
fb66b512fa
commands/fileXX: Fix remaining memory leak.
...
Found by: Coverity Scan.
2015-01-25 16:36:30 +03:00
Vladimir Serbinenko
d0af2156c3
fs/hfs: Add pointer sanity checks.
...
Found by: Coverity scan.
2015-01-25 13:18:10 +01:00
Vladimir Serbinenko
4387ca78f0
fs/hfs/hfs_open: Check that mount succeeded.
...
Found by: Coverity scan.
2015-01-25 01:28:17 +01:00
Vladimir Serbinenko
83543f937a
fs/fat: Fix codepath to properly free on error.
...
Found by: Coverity scan.
2015-01-25 01:27:44 +01:00
Vladimir Serbinenko
faad548ce3
fs/cpio_common: Add a sanity check on namesize.
...
Found by: Coverity scan.
2015-01-25 00:11:59 +01:00
Vladimir Serbinenko
b6f21bcb98
fs/cbfs: Add missing free.
...
Found by: Coverity scan.
2015-01-25 00:00:49 +01:00
Vladimir Serbinenko
dd430afbf8
font: Add missing free.
...
Found by: Coverity Scan.
2015-01-24 21:55:18 +01:00
Vladimir Serbinenko
d1130afa5f
biosdisk: Add missing cast.
...
Found by: Coverity scan.
2015-01-24 21:50:30 +01:00
Vladimir Serbinenko
7656b72b17
disk/geli: Add missing free.
...
Found by: Coverity scan.
2015-01-24 21:47:51 +01:00
Vladimir Serbinenko
6f43e350ed
disk/geli: Add missing seek success check.
...
Found by: Coverity scan.
2015-01-24 21:46:23 +01:00
Vladimir Serbinenko
f2baeb194b
disk/diskfilter: Add missing lv presence check.
...
Found by: Coverity scan.
2015-01-24 21:44:27 +01:00
Vladimir Serbinenko
4c7337bfe9
disk/cryptodisk: Add missing error check.
...
Found by: Coverity scan.
2015-01-24 21:38:22 +01:00
Vladimir Serbinenko
2a8200bba8
disk/ahci: Fix device_map_range argument.
...
Argument is not used on x86, hence it's gone unnoticed.
Found by: Coverity scan.
2015-01-24 21:37:28 +01:00
Vladimir Serbinenko
7d97335942
disk/AFsplitter: check argument validity before doing any allocs.
...
This avoids possible memory leaks.
Found by: Coverity scan.
2015-01-24 21:33:30 +01:00
Vladimir Serbinenko
3b1b39c082
commands/wildcard: Add missing free.
...
Found by: Coverity scan.
2015-01-24 21:29:19 +01:00
Vladimir Serbinenko
37ba761b1c
commands/verify: Fix sha1 context zeroing-out.
...
Current code doesn't zero-out context completely. It's a minor issue
really as sha1 init already takes care of initing the context.
2015-01-24 21:27:10 +01:00
Vladimir Serbinenko
6079e67926
commands/tr: Simplify and fix missing parameter test.
...
Found by: Coverity scan
2015-01-24 21:25:42 +01:00
Vladimir Serbinenko
fbae51dcea
commands/syslinux: Add missing free.
...
Found by: Coverity scan.
2015-01-24 21:23:25 +01:00
Vladimir Serbinenko
4947f11b09
commands/parttool: Add missing device close.
...
Found by: Coverity scan.
2015-01-24 21:22:02 +01:00
Vladimir Serbinenko
bd50aa323d
commands/nativedisk: Add missing device_close.
...
Found by: Coverity scan.
2015-01-24 21:18:36 +01:00
Vladimir Serbinenko
72bbd8046a
commands/macbless: Handle device opening errors correctly.
...
Wrong variable was checked for errors.
Found by: Coverity scan.
2015-01-24 21:15:14 +01:00
Vladimir Serbinenko
e3b3e53f72
commands/macbless: Fix potential overflow.
...
Is a minor concern as no such FS would be created under normal circumstances
and failure was benign.
Found by: Coverity scan.
2015-01-24 21:12:02 +01:00
Vladimir Serbinenko
09e84f188b
commands/macbless: Remove incorrect grub_free.
...
Found by: Coverity Scan
2015-01-24 21:08:50 +01:00
Vladimir Serbinenko
f579f097bb
commands/legacycfg: Fix resource leaks.
2015-01-24 21:06:23 +01:00
Vladimir Serbinenko
12a9c52e51
zfs: Fix disk-matching logic.
...
Reported by: Tim Chase <dweeezil>
2015-01-24 20:57:26 +01:00
Vladimir Serbinenko
68cf24376c
commands/hdparm: Add missing grub_disk_close.
...
Found by: Coverity scan.
2015-01-24 20:55:06 +01:00
Vladimir Serbinenko
9d999852a2
gptsync: Add missing device_close.
...
Found by: Coverity scan
2015-01-24 20:52:02 +01:00
Vladimir Serbinenko
95a8c9182b
commands/fileXX: Fix memory leak.
...
Found by: Coverity Scan.
2015-01-24 20:50:35 +01:00
Vladimir Serbinenko
b04c6d32ce
commands/file: Change the confusing loop stop condition.
...
Old condition was used to zero-out header variable on exit of the loop.
This is correct but confusing. Replace with in-loop logic.
Found by: Coverity Scan.
2015-01-24 20:47:41 +01:00
Vladimir Serbinenko
e902163e48
commands/acpi: Use ALIGN_UP rather than manual expression.
...
Improves readability and hopefully automatic scanning.
Found by: Coverity Scan.
2015-01-24 20:41:43 +01:00
Vladimir Serbinenko
9ff9d5a54e
uhci: Fix null pointer dereference.
...
Found by: Coverity scan.
2015-01-24 20:38:12 +01:00
Vladimir Serbinenko
7d027b4d3e
efidisk: Return the determined root disk even if partition is unknown.
2015-01-24 19:53:13 +01:00
Andrey Borzenkov
2f73d2733c
accept also hdX as alias to native Xen disk name
...
To be compatible with legacy pv-grub, sort disks by increasing order of handle
value. This allows reusing legacy pv-grub menu.lst which is using hdX names.
Suggested-By: Michael Chang <mchang@suse.com>
Closes: 44026
2015-01-23 19:52:45 +03:00
Felix Janda
3bac4caa2b
Remove direct _llseek code and require long filesystem libc.
2015-01-22 19:54:36 +01:00
Vladimir Serbinenko
6866f2ba37
Remove potential division by 0 in gfxmenu.
2015-01-21 17:42:15 +01:00
Vladimir Serbinenko
44b38e4988
grub_menu_init_page: Avoid returning 0 geometry to avoid divisions by 0.
2015-01-21 17:42:15 +01:00
Vladimir Serbinenko
68581b009f
unix/cputime.c: Cache sc_clk_tck and check it for sanity.
2015-01-21 17:42:15 +01:00
Vladimir Serbinenko
69aee43fa6
* grub-core/kern/efi/mm.c (grub_efi_get_memory_map): Never return a
...
descriptor_size==0 to avoid potential divisions by zero.
2015-01-21 17:42:15 +01:00
Vladimir Serbinenko
ac8bac2496
haiku/getroot.c (grub_util_find_partition_start_os): Avoid division by zero.
2015-01-21 17:42:15 +01:00
Vladimir Serbinenko
4e0a25a4c0
rtc_get_time_ms.c (grub_rtc_get_time_ms): Avoid division by zero.
2015-01-21 17:42:14 +01:00
Vladimir Serbinenko
b666e01b9c
* grub-core/loader/i386/xnu.c (guessfsb): Avoid division by 0.
2015-01-21 17:42:14 +01:00
Vladimir Serbinenko
2e62352bc2
* grub-core/kern/i386/tsc.c (calibrate_tsc): Ensure that
...
no division by 0 occurs.
2015-01-21 17:42:14 +01:00
Vladimir Serbinenko
c453760c71
* grub-core/term/gfxterm.c: Avoid division by zero.
2015-01-21 17:42:13 +01:00
Vladimir Serbinenko
e95685dab1
Avoid division by zero in serial.
2015-01-21 17:42:13 +01:00
Vladimir Serbinenko
4816dcac19
* grub-core/video/readers/jpeg.c: Avoid division by zero.
2015-01-21 17:42:13 +01:00
Vladimir Serbinenko
750f4bacd3
* grub-core/disk/diskfilter.c: Validate volumes to avoid division by zero.
2015-01-21 17:42:13 +01:00
Vladimir Serbinenko
475bffeae6
* grub-core/fs/zfs.c: Avoid divisions by zero.
2015-01-21 17:42:12 +01:00
Vladimir Serbinenko
9deb46e363
* grub-core/fs/btrfs.c: Avoid divisions by zero.
2015-01-21 17:42:12 +01:00
Vladimir Serbinenko
065ed900d4
grub-core/lib/pbkdf2.c (grub_crypto_pbkdf2): Check that hash len is not 0.
2015-01-21 17:42:12 +01:00
Vladimir Serbinenko
111ab3b9cc
osdep/linux/blocklist.c (grub_install_get_blocklist): Check blocksize validity.
2015-01-21 17:42:12 +01:00
Vladimir Serbinenko
4200ad44fe
* grub-core/disk/i386/pc/biosdisk.c: Check disk size sanity.
2015-01-21 17:42:12 +01:00
Vladimir Serbinenko
f1959b1695
* grub-core/disk/ieee1275/nand.c (grub_nand_open): Check block size
...
validity.
2015-01-21 17:42:11 +01:00
Vladimir Serbinenko
935863518f
grub_dmraid_nv_detect: Do not divide by zero.
2015-01-21 17:42:11 +01:00
Vladimir Serbinenko
98f74998d5
* grub-core/fs/hfs.c (grub_hfs_mount): Additional filesystem sanity checks.
2015-01-21 17:42:11 +01:00
Vladimir Serbinenko
5ed3a5d049
* grub-core/fs/minix.c: Additional filesystem sanity checks.
2015-01-21 17:42:11 +01:00
Vladimir Serbinenko
47cd2645dd
* grub-core/fs/ext2.c (grub_ext2_mount): Additional checks for superblock validity.
2015-01-21 17:42:11 +01:00
Vladimir Serbinenko
245e21b2b5
grub_ufs_mount: Check that sblock.ino_per_group is not 0.
2015-01-21 17:42:11 +01:00
Vladimir Serbinenko
9201cd79a3
Reject NILFS2 superblocks with over 1GiB blocks.
...
* grub-core/fs/nilfs2.c (grub_nilfs2_valid_sb): Check that
block size is <= 1GiB.
2015-01-21 17:42:10 +01:00
Vladimir Serbinenko
f27ccb584c
grub_ata_setaddress: Check that geometry is sane when using CHS addressing.
2015-01-21 17:42:10 +01:00
Vladimir Serbinenko
1dfe3f973e
* grub-core/disk/AFSplitter.c (AF_merge): Check that mdlen is not 0.
2015-01-21 17:42:10 +01:00
Vladimir Serbinenko
44461d5af2
grub_cmd_play: Avoid division by zero.
2015-01-21 17:42:10 +01:00
Vladimir Serbinenko
30e177a05b
grub-core/fs/minix.c (grub_minix_read_file): Avoid reading past the end of file.
2015-01-21 17:42:06 +01:00
Vladimir Serbinenko
af435524cd
grub_fshelp_read_file: Don't attempt to read past the end of file.
2015-01-21 17:38:04 +01:00
Vladimir Serbinenko
66ce4d1aef
grub_script_lexer_yywrap: Update len synchronously with line.
2015-01-21 17:38:01 +01:00
Vladimir Serbinenko
59d4036594
Replace explicit sizeof divisions by ARRAY_SIZE.
2015-01-21 17:37:31 +01:00
Kris Moore
ba3031f996
Support GELI v6 and v7
2015-01-19 21:56:41 +03:00
Andrei Borzenkov
bac5d1a64a
Fix serial --rtscts option processing
2014-12-09 21:56:39 +03:00
David Kozub
17328db3b3
grub-core/kern/arm/misc.S: fix unaligned grub_uint64_t local variable
...
The unaligned local in __aeabi_uidivmod leads to a store to a 64bit
value at an address that is not divisible by 8 (in grub_divmod64).
The compiler most likely generates a STRD instruction to store it and
this causes an exception.
Fixes Savannah bug #43632 .
This includes improvements done by Leif Lindholm.
2014-12-07 20:16:29 +03:00
Peter Nelson
58f66137a3
* grub-core/fs/ext2.c (grub_ext2_read_block): Support large sparse chunks.
2014-12-07 17:57:49 +01:00
Curtis Larsen
06eadf5ebf
fix double free in grub_net_recv_tcp_packet
...
Using the http module to download config files, produces memory errors,
after the config file is downloaded.
The error was traced to the tcp stack in grub-core/net/tcp.c. The wrong
netbuff pointer was being freed in the clean up loop.
Changing the code to free the correct netbuff pointer removes the runtime
error.
Closes 42765.
2014-12-07 11:28:57 +03:00
Andrei Borzenkov
ebb3d958aa
fix memory corruption in pubkey filter over network
...
grub_pubkey_open closed original file after it was read; it set
io->device to NULL to prevent grub_file_close from trying to close device.
But network device itself is stacked (net -> bufio); and bufio preserved
original netfs file which hold reference to device. grub_file_close(io)
called grub_bufio_close which called grub_file_close for original file.
grub_file_close(netfs-file) now also called grub_device_close which
freed file->device->net. So file structure returned by grub_pubkey_open
now had device->net pointed to freed memory. When later file was closed,
it was attempted to be freed again.
Change grub_pubkey_open to behave like other filters - preserve original
parent file and pass grub_file_close down to parent. In this way only the
original file will close device. We really need to move this logic into
core instead.
Also plug memory leaks in error paths on the way.
Reported-By: Robert Kliewer <robert.kliewer@gmail.com>
Closes: bug #43601
2014-12-05 21:17:08 +03:00
Andrei Borzenkov
3173c7501c
grub-core/loader/i386/xen_fileXX.c: memory leak in grub_xen_get_infoXX
...
CID: 73645, 73782
2014-12-01 21:23:54 +03:00
Andrei Borzenkov
03d79a878b
grub-core/fs/zfs/zfsinfo.c: memory leak in print_vdev_info
...
CID: 73635
2014-12-01 20:54:12 +03:00
Andrei Borzenkov
dbbac5a04c
grub-core/lib/syslinux_parse.c: do not free array
...
say->msg is inline array in a structure and should not be freed.
CID: 73610
2014-11-30 18:49:14 +03:00
Andrei Borzenkov
343dad410e
grub-core/disk/lzopio.c: fix double free in error path
...
CID: 73665
2014-11-28 22:37:00 +03:00
Andrei Borzenkov
bbbcb791ed
grub-core/disk/geli.c: fix memory leaks in error paths
...
CID: 73813, 73710
2014-11-28 22:23:30 +03:00
Andrei Borzenkov
ea44693fc8
grub-core/disk/luks.c: fix use after free and memory leaks
...
configure_ciphers:
- several memory leaks where allocated ciphers were not freed. CID: 73813,
73710
- use after free. It is probably quite innocent as grub is single threaded,
but could potentially be a problem with memory allocator debugger turned on.
CID: 73730
luks_recover_key:
- memory leak. CID: 73854
2014-11-28 21:12:00 +03:00
Michael Chang
7c4b6b7bb4
send router solicitation for ipv6 address autoconf v2
...
Many routers have long router advertisment interval configured by
default. The Neighbor Discovery protocol (RFC4861) has defined default
MaxRtrAdvInterval value as 600 seconds and
MinRtrAdvInterval as 0.33*MaxRtrAdvInterval. This makes
net_ipv6_autoconf fails more often than not as currently it passively
listens the RA message to perfom address autoconfiguration.
This patch tries to send router solicitation to overcome the problem of
long RA interval.
v2:
use cpu_to_be macro for network byte order conversion
add missing error handling
2014-11-28 20:21:34 +03:00
Leif Lindholm
004a2b1efd
efi: check *path non-null before grub_strrchr
...
The EFI version of grub_machine_get_bootlocation crops the boot image
name back to the last / in order to get a directory path. However, it
does not check that *name is actually set before calling grub_strrchr
to do this, and neither does grub_strrchr before dereferencing a NULL
pointer.
Parent function, grub_set_prefix_and_root, does check the pointer
before using.
2014-11-17 14:11:01 +00:00
Michael Chang
72ec399ad8
icmp6 fix no respond to neighbor solicit message
...
The structure size used in grub_netbuff_pull to get the pointer to
option header is apparently wrong, which leads to subsequent range check
failed and therefore not responding to any neighbor solicit message in my
testing.
2014-11-03 20:03:04 +03:00
Andrei Borzenkov
9a67e1ac8e
Use full initializer for initrd_ctx to avoid fatal warnings with older GCC
...
struct ... foo = { 0, } is valid initializer, but older GCC emits
warning which is fatal error due to -Werror=missing-field-initializer.
So simply use full initializer to avoid these errors. This was fixed
probably in GCC 4.7.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=36750
2014-10-14 20:12:15 +04:00
Andrey Borzenkov
954fe77163
cleanup: grub_cpu_to_XXX_compile_time for constants
...
This tries to catch all cases where grub_cpu_to_XXX was used for constant
expressions (including sizeof).
2014-09-22 20:47:10 +04:00
Valentin Dornauer
0f1f95c7b7
ACPIhalt: Add more ACPI opcodes.
...
The AML parser implements only a small subset of possible AML
opcodes. On the Fujitsu Lifebook E744 this and another bug in
the parser (incorrect handling of TermArg data types) would lead
to the laptop not turning off (_S5 not found).
* grub-core/commands/acpihalt.c: Support OpAlias in the AML parser;
in skip_ext_op(), handle some Type2Opcodes more correctly (TermArgs
aren't always simply strings!); Add function to skip TermArgs
* include/grub/acpi.h: Add new opcodes
2014-09-21 18:58:14 +02:00
Vladimir Serbinenko
41c6f91fce
* grub-core/normal/main.c: Don't drop to rescue console in
...
case of password-protected prompt and no menu entries.
2014-09-21 18:51:09 +02:00
Vladimir Serbinenko
7c378c3964
* grub-core/commands/keylayouts.c: Ignore unknown keys.
2014-09-21 18:49:49 +02:00