I'd like to submit a few trivial patches that I've had on my hard
drive for a while. This patch is against the latest version in the
trunk on bzr.savannah.gnu.org.
If grub_file_getline tries to read a line which is exactly
64 bytes long it will write the terminating zero past the
end of the allocated buffer causing memory corruption.
Trivial fix which reserves one more byte in the buffer.
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index feeb1ef..eb4b1c7 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -65,7 +65,7 @@ grub_file_getline (grub_file_t file)
continue;
- if (pos >= max_len)
+ if (pos + 1 >= max_len)
{
char *old_cmdline = cmdline;
max_len = max_len * 2;
--
Have laptop, will travel. I'm a consultant looking for interesting
jobs anywhere in the world. I'm an experienced software engineer with
a solid understanding of hardware. Specialities: Linux, device
drivers and embedded systems in general. Find me at www.weinigel.se.
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
