Hi,
We are getting closer to the 2.12 release. Sadly we still do not have
many of important patch sets in the tree. So, I am going to spend more
time on reviews in the following weeks. Below you can find my list of
key patch sets which should land in the release:
- Dynamic allocation of memory r
On Sat, Oct 22, 2022 at 12:52:02AM +1100, Daniel Axtens wrote:
> Alec Brown writes:
>
> > In grub-core/video/readers/jpeg.c, the function
> > grub_jpeg_decode_huff_table()
> > has the variable next_marker which reads data from grub_jpeg_get_word() and
> > then uses it as an upper limit in a whil
In grub-core/video/readers/jpeg.c, the height and width of a JPEG image don't
have an upper limit for how big the JPEG image can be. In coverity, this is
getting flagged as an untrusted loop bound. This issue can also seen in PNG and
TGA format images as well but coverity isn't flagging it. To prev
