No description
426f57383d
Defining a new function with the same name as a previously defined function causes the grub_script and associated resources for the previous function to be freed. If the previous function is currently executing when a function with the same name is defined, this results in use-after-frees when processing subsequent commands in the original function. Instead, reject a new function definition if it has the same name as a previously defined function, and that function is currently being executed. Although a behavioural change, this should be backwards compatible with existing configurations because they can't be dependent on the current behaviour without being broken. Fixes: CVE-2020-15706 Signed-off-by: Chris Coulson <chris.coulson@canonical.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
||
---|---|---|
asm-tests | ||
conf | ||
docs | ||
grub-core | ||
include | ||
po | ||
tests | ||
themes/starfield | ||
unicode | ||
util | ||
.gitattributes | ||
.gitignore | ||
.travis.yml | ||
acinclude.m4 | ||
AUTHORS | ||
autogen.sh | ||
bootstrap | ||
bootstrap.conf | ||
BUGS | ||
ChangeLog-2015 | ||
config.h.in | ||
configure.ac | ||
COPYING | ||
coreboot.cfg | ||
geninit.sh | ||
gentpl.py | ||
INSTALL | ||
linguas.sh | ||
Makefile.am | ||
Makefile.util.def | ||
NEWS | ||
README | ||
THANKS | ||
TODO |
This is GRUB 2, the second version of the GRand Unified Bootloader. GRUB 2 is rewritten from scratch to make GNU GRUB cleaner, safer, more robust, more powerful, and more portable. See the file NEWS for a description of recent changes to GRUB 2. See the file INSTALL for instructions on how to build and install the GRUB 2 data and program files. Please visit the official web page of GRUB 2, for more information. The URL is <http://www.gnu.org/software/grub/grub.html>. More extensive documentation is available in the Info manual, accessible using 'info grub' after building and installing GRUB 2. There are a number of important user-visible differences from the first version of GRUB, now known as GRUB Legacy. For a summary, please see: info grub Introduction 'Changes from GRUB Legacy'