vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
grub/grub-core/normal
History
Hector Marco-Gisbert 451d80e52d Fix security issue when reading username and password 
This patch fixes two integer underflows at:
  * grub-core/lib/crypto.c
  * grub-core/normal/auth.c

CVE-2015-8370

Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
Also-By: Andrey Borzenkov <arvidjaar@gmail.com>
2015-12-16 07:57:18 +03:00
..
auth.c Fix security issue when reading username and password 2015-12-16 07:57:18 +03:00
autofs.c * grub-core/normal/autofs.c (autoload_fs_module): Save and restore 2012-07-22 16:23:46 +02:00
charset.c Document intentional fallthroughs. 2015-01-27 17:17:58 +01:00
cmdline.c normal: fix memory leak 2015-06-20 23:38:18 +03:00
color.c Replace explicit sizeof divisions by ARRAY_SIZE. 2015-01-21 17:37:31 +01:00
completion.c * include/grub/misc.h (grub_strcat): Removed. All users changed to 2013-11-01 16:27:37 +01:00
context.c normal: fix memory leak 2015-06-20 23:38:19 +03:00
crypto.c * grub-core/normal/crypto.c (read_crypto_list): Fix incorrect 2013-03-07 08:41:27 +01:00
datetime.c * grub-core/normal/datetime.c (grub_get_weekday): Use if rather than 2013-11-13 09:26:13 +01:00
dyncmd.c * grub-core/normal/dyncmd.c (read_command_list): Don't access freed 2012-06-13 01:04:14 +02:00
main.c Add missing initializers to silence suprious warnings. 2015-03-27 14:44:41 +01:00
menu.c * grub-core/normal/main.c: Don't drop to rescue console in 2014-09-21 18:51:09 +02:00
menu_entry.c * grub-core/normal/main.c: Don't drop to rescue console in 2014-09-21 18:51:09 +02:00
menu_text.c grub_menu_init_page: Avoid returning 0 geometry to avoid divisions by 0. 2015-01-21 17:42:15 +01:00
misc.c normal/misc: Close device on all pathes. 2015-01-26 09:49:32 +01:00
term.c * grub-core/normal/term.c (grub_set_more): Use bool logic rather than 2013-11-13 02:27:11 +01:00