tablet/grub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fs/hfsplus: Set grub_errno to prevent NULL pointer access

Browse Source 
When an invalid node size is detected in grub_hfsplus_mount(), data
pointer is freed. Thus, file->data is not set. The code should also
set the grub_errno when that happens to indicate an error and to avoid
accessing the uninitialized file->data in grub_file_close().

Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Lidong Chen 2023-05-03 17:32:19 +00:00 committed by Daniel Kiper
parent eb8b0aabb8
commit 61b13c187c
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
grub-core/fs/hfsplus.c
View File

@ -357,7 +357,10 @@ grub_hfsplus_mount (grub_disk_t disk)
(header.key_compare == GRUB_HFSPLUSX_BINARYCOMPARE));
if (data->catalog_tree.nodesize < 2)
goto fail;
{
grub_error (GRUB_ERR_BAD_FS, "invalid catalog node size");
goto fail;
}
if (grub_hfsplus_read_file (&data->extoverflow_tree.file, 0, 0,
sizeof (struct grub_hfsplus_btnode),
@ -374,7 +377,10 @@ grub_hfsplus_mount (grub_disk_t disk)
data->extoverflow_tree.nodesize = grub_be_to_cpu16 (header.nodesize);
if (data->extoverflow_tree.nodesize < 2)
goto fail;
{
grub_error (GRUB_ERR_BAD_FS, "invalid extents overflow node size");
goto fail;
}
data->extoverflow_tree_ready = 1;