tablet/grub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

loader/multiboot_elfxx: Check section header region before allocating memory

Browse Source 
In grub-core/loader/multiboot_elfxx.c, space is being allocated for the section
header region, but isn't verifying if the region is within the file's size.
Before calling grub_calloc(), we can add a conditional to check if the section
header region is smaller than the file size.

Fixes: CID 314029
Fixes: CID 314038

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Alec Brown 2023-05-22 16:52:47 -04:00 committed by Daniel Kiper
parent 9537ddb0e7
commit c8cf8272f4
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
grub-core/loader/multiboot_elfxx.c
View File

@ -248,6 +248,9 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld)
{ {
grub_uint8_t *shdr, *shdrptr; grub_uint8_t *shdr, *shdrptr;
if ((grub_off_t) ehdr->e_shoff + shnum * ehdr->e_shentsize > grub_file_size (mld->file))
return grub_error (GRUB_ERR_OUT_OF_RANGE, N_("ELF section header region is larger than the file size"));
shdr = grub_calloc (shnum, ehdr->e_shentsize); shdr = grub_calloc (shnum, ehdr->e_shentsize);
if (!shdr) if (!shdr)
return grub_errno; return grub_errno;