vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
grub/grub-core/kern/efi
History
Peter Jones f725fa7cb2 calloc: Use calloc() at most places 
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
..
acpi.c tsc: Use alternative delay sources whenever appropriate. 2015-11-27 11:39:55 +01:00
efi.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
fdt.c efi: Move fdt helper into own file 2016-11-24 10:09:24 +01:00
init.c efi: Free malloc regions on exit 2017-09-07 23:35:01 +02:00
mm.c efi: Print error messages to grub_efi_allocate_pages_real() 2020-03-10 21:41:16 +01:00