From 1c0df7c142c546b856c3dbc916bfd786367427c0 Mon Sep 17 00:00:00 2001 From: WANG Xuerui Date: Thu, 18 May 2023 10:52:57 +0800 Subject: [PATCH] kern/loongarch64/dl_helper: Avoid undefined behavior when popping from an empty reloc stack The return value of grub_loongarch64_stack_pop() is unsigned, so -1 should not be used in the first place. Replacing with 0 is enough to avoid the UB in this edge case. Technically though, proper error handling is needed throughout the management of the reloc stack, so no unexpected behavior will happen even in case of malformed object code input (right now, pushes become no-ops when the stack is full, and garbage results if the stack does not contain enough operands for an op). The refactor would touch some more places so would be best done in a separate series. Fixes: CID 407777 Fixes: CID 407778 Signed-off-by: WANG Xuerui Reviewed-by: Daniel Kiper --- grub-core/kern/loongarch64/dl_helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grub-core/kern/loongarch64/dl_helper.c b/grub-core/kern/loongarch64/dl_helper.c index e8ec1219f..cda1a53c8 100644 --- a/grub-core/kern/loongarch64/dl_helper.c +++ b/grub-core/kern/loongarch64/dl_helper.c @@ -46,7 +46,7 @@ static grub_uint64_t grub_loongarch64_stack_pop (grub_loongarch64_stack_t stack) { if (stack->top == -1) - return -1; + return 0; return stack->data[stack->top--]; }
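Review bot: In grub_loongarch64_stack_pop(), the empty-stack branch `return 0;` cannot be told apart from popping a 0 that was legitimately pushed, so callers still have no way to detect underflow. A relocation sequence with too few operands will be evaluated with a zero operand instead of being rejected. Since the commit message already defers proper error handling to a separate series, please add a short comment at `if (stack->top == -1)` saying that 0 is a placeholder value and not an error indicator, so it is not later mistaken for a checked condition. For the follow-up, consider having the pop return a grub_err_t and pass the value back through an out-parameter, so the relocation code can fail the module load on malformed object code.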