vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
grub/grub-core/loader
History
Peter Jones 3f05d693d1 malloc: Use overflow checking primitives where we do complex allocations 
This attempts to fix the places where we do the following where
arithmetic_expr may include unvalidated data:

  X = grub_malloc(arithmetic_expr);

It accomplishes this by doing the arithmetic ahead of time using grub_add(),
grub_sub(), grub_mul() and testing for overflow before proceeding.

Among other issues, this fixes:
  - allocation of integer overflow in grub_video_bitmap_create()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_squash_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_ext2_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in read_section_as_string()
    reported by Chris Coulson.

Fixes: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
..
arm calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
arm64 efi: Rename armxx to arch 2019-02-25 11:28:44 +01:00
efi calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
i386 malloc: Use overflow checking primitives where we do complex allocations 2020-07-29 16:55:47 +02:00
ia64/efi verifiers: IA-64 fallout cleanup 2019-03-20 11:38:28 +01:00
mips verifiers: MIPS fallout cleanup 2019-03-20 11:38:28 +01:00
powerpc/ieee1275 verifiers: PowerPC fallout cleanup 2019-03-20 11:38:28 +01:00
riscv RISC-V: Add Linux load logic 2019-02-25 11:33:06 +01:00
sparc64/ieee1275 arm-uboot, ia64, sparc64: Fix up grub_file_open() calls 2018-11-16 14:42:51 +01:00
aout.c Implement automatic module license checking according to new GNU 2011-04-11 23:01:51 +02:00
linux.c verifiers: File type for fine-grained signature-verification controlling 2018-11-09 13:25:31 +01:00
lzss.c Add LZSS Mach-O support (needed for new xnu kernelcache). 2012-02-29 13:26:13 +01:00
macho.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
macho32.c * grub-core/loader/machoXX.c: Fix compilation on non-i386. 2013-12-17 22:44:46 +01:00
macho64.c * grub-core/loader/machoXX.c: Fix compilation on non-i386. 2013-12-17 22:44:46 +01:00
machoXX.c Simplify few strings. 2013-05-07 11:44:15 +02:00
multiboot.c verifiers: File type for fine-grained signature-verification controlling 2018-11-09 13:25:31 +01:00
multiboot_elfxx.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
multiboot_mbi2.c multiboot2: Set min address for mbi allocation to 0x1000 2019-12-20 20:35:21 +01:00
xnu.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
xnu_resume.c verifiers: File type for fine-grained signature-verification controlling 2018-11-09 13:25:31 +01:00