vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
grub/grub-core/lib
History
Alexey Makhalov 61ff5602fe relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 
This commit introduces integer underflow mitigation in max_addr calculation
in grub_relocator_alloc_chunk_align() invocation.

It consists of 2 fixes:
  1. Introduced grub_relocator_alloc_chunk_align_safe() wrapper function to perform
     sanity check for min/max and size values, and to make safe invocation of
     grub_relocator_alloc_chunk_align() with validated max_addr value. Replace all
     invocations such as grub_relocator_alloc_chunk_align(..., min_addr, max_addr - size, size, ...)
     by grub_relocator_alloc_chunk_align_safe(..., min_addr, max_addr, size, ...).
  2. Introduced UP_TO_TOP32(s) macro for the cases where max_addr is 32-bit top
     address (0xffffffff - size + 1) or similar.

Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:48 +02:00
..
arc sgi support 2011-05-13 16:36:05 +02:00
arm * grub-core/kern/arm/cache.S: Don't switch back to ARM mode when 2013-11-16 17:37:06 +01:00
arm64 arm64/setjmp: Add missing move for arg1 == 0 case. 2016-01-07 21:10:05 +01:00
dummy arm-coreboot: Start new port. 2017-05-08 20:53:28 +02:00
efi RISC-V: Add to build system 2019-02-25 14:02:05 +01:00
emu Add missing emu/halt.c 2010-08-30 00:54:15 +02:00
gnulib-patches gnulib: Fix build of base64 when compiling with memory debugging 2020-03-10 21:58:36 +01:00
i386 relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 2020-07-29 16:55:48 +02:00
ia64 * grub-core/lib/ia64/longjmp.S: Fix the name of longjmp function. 2013-03-02 15:31:17 +01:00
ieee1275 iee1275/datetime: Fix off-by-1 error. 2016-01-07 15:53:42 +01:00
json json: Avoid a double-free when parsing fails. 2020-07-29 16:55:48 +02:00
libgcrypt calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
libgcrypt_wrap calloc: Make sure we always have an overflow-checking calloc() available 2020-07-29 16:55:47 +02:00
minilzo minilzo: Update to minilzo-2.08 2020-02-11 21:30:30 +01:00
mips relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 2020-07-29 16:55:48 +02:00
posix_wrap calloc: Make sure we always have an overflow-checking calloc() available 2020-07-29 16:55:47 +02:00
powerpc relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 2020-07-29 16:55:48 +02:00
riscv RISC-V: Add setjmp implementation 2019-02-25 11:28:44 +01:00
sparc64 * grub-core/lib/sparc64/setjmp.S: Force spilling of current window. 2013-11-18 10:01:36 +01:00
uboot Rename uboot/datetime to dummy/datetime. 2017-05-08 19:40:14 +02:00
x86_64 relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 2020-07-29 16:55:48 +02:00
xen xen: modify page table construction 2016-10-27 16:22:06 +02:00
xzembed Change fs functions to add fs_ prefix 2019-04-09 10:03:29 +10:00
zstd calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
adler32.c * grub-core/lib/adler32.c: Recode due to license unclearness. 2012-04-07 19:58:39 +02:00
arg.c malloc: Use overflow checking primitives where we do complex allocations 2020-07-29 16:55:47 +02:00
backtrace.c * grub-core/disk/ahci.c: Add needed explicit cast. 2013-08-21 21:02:14 +02:00
cmdline.c verifiers: Add possibility to verify kernel and modules command lines 2018-11-09 13:25:31 +01:00
cmos_datetime.c CMOS support on sparc. 2011-07-05 20:24:20 +02:00
crc.c Remove several trivially-unnecessary uses of nested functions. 2012-12-31 17:31:38 +00:00
crc64.c Remove several trivially-unnecessary uses of nested functions. 2012-12-31 17:31:38 +00:00
crypto.c core: use GRUB_TERM_ definitions when handling term characters 2017-08-07 19:28:22 +02:00
datetime.c normal: Move common datetime functions out of the normal module 2020-02-18 15:12:06 +01:00
disk.c Rename grub_disk members 2019-03-25 15:14:52 +01:00
division.c core: avoid NULL derefrence in grub_divmod64s 2015-04-06 19:30:51 +03:00
envblk.c envblk: Fix buffer overrun when attempting to shrink a variable value 2020-05-15 15:24:59 +02:00
fake_module.c Add new all_video module. 2012-02-26 18:09:07 +01:00
fdt.c fdt: Move prop_entry_size to fdt.h 2018-06-23 21:40:55 +02:00
getline.c Implement syslinux parser. 2013-12-18 05:28:05 +01:00
hexdump.c automake commit without merge history 2010-05-06 11:34:04 +05:30
legacy_parse.c misc: Make grub_strtol() "end" pointers have safer const qualifiers 2020-02-28 12:41:29 +01:00
LzFind.c * grub-core/lib/LzFind.c (MatchFinder_GetIndexByte): Rename index to 2012-02-10 12:21:28 +01:00
LzmaDec.c * include/grub/lib/LzmaDec.h: Fix to include LzmaTypes.h and 2013-11-10 20:37:01 +01:00
LzmaEnc.c lzma: Make sure we don't dereference past array 2020-07-29 16:55:48 +02:00
pbkdf2.c Remove pragmas related to -Wunreachable-code 2016-01-20 15:56:55 +00:00
priority_queue.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
progress.c Disable progress indicator in grub-shell. 2016-01-05 21:10:10 +01:00
random.c Add RNG module. 2016-02-12 12:39:38 +01:00
reed_solomon.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
relocator.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
setjmp.S RISC-V: Add to build system 2019-02-25 14:02:05 +01:00
syslinux_parse.c misc: Make grub_strtol() "end" pointers have safer const qualifiers 2020-02-28 12:41:29 +01:00