[SECURITY PATCH 060/117] script/execute: Fix NULL dereference in grub_script_execute_cmdline()

2021-03-02 Thread Daniel Kiper
From: Daniel Axtens Signed-off-by: Daniel Axtens Reviewed-by: Daniel Kiper --- grub-core/script/execute.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c index ce83edd4b..3ad468fce 100644 --- a/grub-core/script/execute

[SECURITY PATCH 102/117] util/mkimage: Remove unused code to add BSS section

2021-03-02 Thread Daniel Kiper
From: Javier Martinez Canillas The code is compiled out so there is no reason to keep it. Additionally, don't set bss_size field since we do not add a BSS section. Signed-off-by: Javier Martinez Canillas Reviewed-by: Daniel Kiper --- util/mkimage.c | 17 - 1 file changed, 17

[SECURITY PATCH 061/117] commands/ls: Require device_name is not NULL before printing

2021-03-02 Thread Daniel Kiper
From: Daniel Axtens This can be triggered with: ls -l (0 0*) and causes a NULL deref in grub_normal_print_device_info(). I'm not sure if there's any implication with the IEEE 1275 platform. Signed-off-by: Daniel Axtens Reviewed-by: Daniel Kiper --- grub-core/commands/ls.c | 2 +- 1 file ch

[SECURITY PATCH 111/117] shim_lock: Only skip loading shim_lock verifier with explicit consent

2021-03-02 Thread Daniel Kiper
From: Dimitri John Ledkov Commit 32ddc42c (efi: Only register shim_lock verifier if shim_lock protocol is found and SB enabled) reintroduced CVE-2020-15705 which previously only existed in the out-of-tree linuxefi patches and was fixed as part of the BootHole patch series. Under Secure Boot enfo

[SECURITY PATCH 077/117] fs/jfs: Limit the extents that getblk() can consider

2021-03-02 Thread Daniel Kiper
From: Daniel Axtens getblk() implicitly trusts that treehead->count is an accurate count of the number of extents. However, that value is read from disk and is not trustworthy, leading to OOB reads and crashes. I am not sure to what extent the data read from OOB can influence subsequent program e

[SECURITY PATCH 116/117] templates: Disable the os-prober by default

2021-03-02 Thread Daniel Kiper
From: Alex Burmashev The os-prober is enabled by default, which may lead to potentially dangerous use cases and borderline opening attack vectors. This patch disables the os-prober, adds warning messages and updates GRUB_DISABLE_OS_PROBER configuration option documentation. This way we make it clea

[SECURITY PATCH 085/117] io/gzio: Zero gzio->tl/td in init_dynamic_block() if huft_build() fails

2021-03-02 Thread Daniel Kiper
From: Daniel Axtens If huft_build() fails, gzio->tl or gzio->td could contain pointers that are no longer valid. Zero them out. This prevents a double free when grub_gzio_close() comes through and attempts to free them again. Signed-off-by: Daniel Axtens Reviewed-by: Daniel Kiper --- grub-co

[SECURITY PATCH 110/117] grub-install-common: Add --sbat option

2021-03-02 Thread Daniel Kiper
From: Dimitri John Ledkov Signed-off-by: Dimitri John Ledkov Reviewed-by: Daniel Kiper --- include/grub/util/install.h | 5 - util/grub-install-common.c | 12 ++-- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/include/grub/util/install.h b/include/grub/util/inst

[SECURITY PATCH 081/117] fs/nilfs2: Properly bail on errors in grub_nilfs2_btree_node_lookup()

2021-03-02 Thread Daniel Kiper
From: Daniel Axtens We just introduced an error return in grub_nilfs2_btree_node_lookup(). Make sure the callers catch it. At the same time, make sure that grub_nilfs2_btree_node_lookup() always inits the index pointer passed to it. Signed-off-by: Daniel Axtens Reviewed-by: Daniel Kiper ---

[SECURITY PATCH 091/117] disk/lvm: Sanitize rlocn->offset to prevent wild read

2021-03-02 Thread Daniel Kiper
From: Daniel Axtens rlocn->offset is read directly from disk and added to the metadatabuf pointer to create a pointer to a block of metadata. It's a 64-bit quantity so as long as you don't overflow you can set subsequent pointers to point anywhere in memory. Require that rlocn->offset fits withi

[SECURITY PATCH 080/117] fs/nilfs2: Don't search children if provided number is too large

2021-03-02 Thread Daniel Kiper
From: Daniel Axtens NILFS2 reads the number of children a node has from the node. Unfortunately, that's not trustworthy. Check if it's beyond what the filesystem permits and reject it if so. This blocks some OOB reads. I'm not sure how controllable the read is and what could be done with invalid

[SECURITY PATCH 099/117] kern/buffer: Add variable sized heap buffer

2021-03-02 Thread Daniel Kiper
From: Chris Coulson Add a new variable sized heap buffer type (grub_buffer_t) with simple operations for appending data, accessing the data and maintaining a read cursor. Signed-off-by: Chris Coulson Reviewed-by: Daniel Kiper --- grub-core/Makefile.core.def | 1 + grub-core/kern/buffer.c

[SECURITY PATCH 098/117] kern/parser: Refactor grub_parser_split_cmdline() cleanup

2021-03-02 Thread Daniel Kiper
From: Chris Coulson Introduce a common function epilogue used for cleaning up on all return paths, which will simplify additional error handling to be introduced in a subsequent commit. Signed-off-by: Chris Coulson Reviewed-by: Daniel Kiper --- grub-core/kern/parser.c | 35 +++

[SECURITY PATCH 104/117] util/mkimage: Always use grub_host_to_target32() to initialize PE stack and heap stuff

2021-03-02 Thread Daniel Kiper
From: Peter Jones This change does not impact the final result of initialization itself. However, it eases PE code unification in subsequent patches. Signed-off-by: Peter Jones Signed-off-by: Javier Martinez Canillas Reviewed-by: Daniel Kiper --- util/mkimage.c | 8 1 file changed, 4 in

[SECURITY PATCH 105/117] util/mkimage: Unify more of the PE32 and PE32+ header set-up

2021-03-02 Thread Daniel Kiper
From: Peter Jones There's quite a bit of code duplication in the code that sets the optional header for PE32 and PE32+. The two are very similar with the exception of a few fields that have type grub_uint64_t instead of grub_uint32_t. Factor out the common code and add a PE_OHDR() macro that sim

[SECURITY PATCH 108/117] util/mkimage: Refactor section setup to use a helper

2021-03-02 Thread Daniel Kiper
From: Peter Jones Add an init_pe_section() helper function to set up PE sections. This makes the code simpler and easier to read. Signed-off-by: Peter Jones Signed-off-by: Javier Martinez Canillas Reviewed-by: Daniel Kiper --- util/mkimage.c | 141 +++---

[SECURITY PATCH 112/117] kern/misc: Split parse_printf_args() into format parsing and va_list handling

2021-03-02 Thread Daniel Kiper
From: Thomas Frauendorfer | Miray Software This patch is preparing for a follow up patch which will use the format parsing part to compare the arguments in a printf() format from an external source against a printf() format with expected arguments. Signed-off-by: Thomas Frauendorfer | Miray Soft

[SECURITY PATCH 106/117] util/mkimage: Reorder PE optional header fields set-up

2021-03-02 Thread Daniel Kiper
From: Peter Jones This makes the PE32 and PE32+ header fields set-up easier to follow by setting them closer to the initialization of their related sections. Signed-off-by: Peter Jones Signed-off-by: Javier Martinez Canillas Reviewed-by: Daniel Kiper --- util/mkimage.c | 16

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-02 Thread John Paul Adrian Glaubitz
Hi Daniel! On 3/2/21 7:00 PM, Daniel Kiper wrote: > The BootHole vulnerability [1][2] announced last year encouraged many people to > take a closer look at the security of boot process in general and the GRUB > bootloader in particular. Due to that, during past few months we were getting > repo

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-02 Thread Bruce Dubbs
On 3/2/21 1:37 PM, John Paul Adrian Glaubitz wrote: Hi Daniel! On 3/2/21 7:00 PM, Daniel Kiper wrote: The BootHole vulnerability [1][2] announced last year encouraged many people to take a closer look at the security of boot process in general and the GRUB bootloader in particular. Due to that,

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-02 Thread Daniel Kiper
Hi Adrian, On Tue, Mar 02, 2021 at 08:37:14PM +0100, John Paul Adrian Glaubitz wrote: > Hi Daniel! > > On 3/2/21 7:00 PM, Daniel Kiper wrote: > > The BootHole vulnerability [1][2] announced last year encouraged many people to > > take a closer look at the security of boot process in general a

Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default

2021-03-02 Thread Didier Spaier
On 02/03/2021 at 19:02, Daniel Kiper wrote: From: Alex Burmashev diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in index 1b91c102f..80685b15f 100644 --- a/util/grub.d/30_os-prober.in +++ b/util/grub.d/30_os-prober.in @@ -26,7 +26,8 @@ export TEXTDOMAINDIR="@localedir@"

Re: [PATCH] disk/pata: Suppress error message "no device connected"

2021-03-02 Thread Paul Menzel
Dear Glenn, On 01.03.21 at 20:36 Glenn Washburn wrote: This error message comes from the grub_print_error in grub_pata_device_initialize, which does not pass on the error, and is raised in check_device. The function check_device needs to return this as an error because check_device is also us

Re: [PATCH] password: Fix backspace in username prompt

2021-03-02 Thread Egor Ignatov
I used grub_printf 3 times, because for some reason (line wrapping I guess) if you print "\b \b" at once the backspace key doesn't work on the second last character in the terminal line. The visual cursor gets stuck there and doesn't remove characters anymore, although you can still type more.
