libgcrypt: Fix Coverity warnings

Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2025-07-07 14:52:13 +00:00 · 2025-07-07 14:52:13 +00:00 · e23704ad48
commit e23704ad48
parent d65810b01c
2 changed files with 53 additions and 0 deletions
--- a/grub-core/lib/libgcrypt-patches/03_mpiutil_alloc.patch
+++ b/grub-core/lib/libgcrypt-patches/03_mpiutil_alloc.patch
@ -0,0 +1,18 @@
+mpiutil: Fix NULL pointer dereference in case of failed alloc
+
+Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
+
+diff --git a/grub-core/lib/libgcrypt/mpi/mpiutil.c b/grub-core/lib/libgcrypt/mpi/mpiutil.c
+index 3a372374f..dc53db09d 100644
+--- a/grub-core/lib/libgcrypt-grub/mpi/mpiutil.c
+++ b/grub-core/lib/libgcrypt-grub/mpi/mpiutil.c
+@@ -432,6 +432,9 @@ _gcry_mpi_alloc_like( gcry_mpi_t a )
+ 	int n = (a->sign+7)/8;
+ 	void *p = _gcry_is_secure(a->d)? xtrymalloc_secure (n)
+                                        : xtrymalloc (n);
+	if ( !p ) {
+            _gcry_fatal_error (GPG_ERR_ENOMEM, NULL);
+	}
+ 	memcpy( p, a->d, n );
+ 	b = mpi_set_opaque( NULL, p, a->sign );
+     }
--- a/grub-core/lib/libgcrypt-patches/03_sexp_free.patch
+++ b/grub-core/lib/libgcrypt-patches/03_sexp_free.patch
@ -0,0 +1,35 @@
+sexp: Add missing free on error path
+
+Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
+
+diff --git a/grub-core/lib/libgcrypt/src/sexp.c b/grub-core/lib/libgcrypt/src/sexp.c
+index d15f1a790..250559f75 100644
+--- a/grub-core/lib/libgcrypt-grub/src/sexp.c
+++ b/grub-core/lib/libgcrypt-grub/src/sexp.c
+@@ -1157,6 +1157,17 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+                               }                                            \
+                        } while (0)
+ 
+#define MAKE_SPACE_EXTRA_CLEANUP(n, cleanup)  do {				\
+                            gpg_err_code_t _ms_err = make_space (&c, (n)); \
+                            if (_ms_err)                                   \
+                              {                                            \
+                                err = _ms_err;                             \
+                                *erroff = p - buffer;                      \
+				cleanup;				   \
+                                goto leave;                                \
+                              }                                            \
+                       } while (0)
+
+   /* The STORE_LEN macro is used to store the length N at buffer P. */
+ #define STORE_LEN(p,n) do {						   \
+ 			    DATALEN ashort = (n);			   \
+@@ -1368,7 +1379,7 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+                   goto leave;
+                 }
+ 
+-              MAKE_SPACE (datalen);
+              MAKE_SPACE_EXTRA_CLEANUP (datalen, xfree (b64buf));
+               *c.pos++ = ST_DATA;
+               STORE_LEN (c.pos, datalen);
+               for (i = 0; i < datalen; i++)