When the gettext module is loaded, the gettext command is registered but
isn't unregistered when the module is unloaded. We need to add a call to
grub_unregister_command() when unloading the module.
Fixes: CVE-2025-61662
Reported-by: Alec Brown <alec.r.brown@oracle.com>
Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The size calculation of the translation buffer in
grub_gettext_getstr_from_position() may overflow
to 0 leading to heap OOB write. This patch fixes
the issue by using grub_add() and checking for
an overflow.
Fixes: CVE-2024-45777
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
Calculation of ctx->grub_gettext_msg_list size in grub_mofile_open() may
overflow leading to subsequent OOB write or read. This patch fixes the
issue by replacing grub_zalloc() and explicit multiplication with
grub_calloc() which does the same thing in safe manner.
Fixes: CVE-2024-45776
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
The gettext module does not entirely cleanup after itself in
its GRUB_MOD_FINI() leaving a few variables hooks in place.
It is not possible to unload gettext module because normal
module depends on it. Though fix the issues for completeness.
Fixes: CVE-2025-0622
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Let's provide file type info to the I/O layer. This way verifiers
framework and its users will be able to differentiate files and verify
only required ones.
This is preparatory patch.
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
once enabled).
* grub-core/gettext/gettext.c: Encapsulate all static variables in
main_context and secondary_context. All functions updated.
(grub_gettext_translate): Rename to ...
(grub_gettext_translate_real): ... this. Return NULL on failed
translate.
(grub_gettext_translate): Handle secondary context.
(grub_gettext_delete_list): Close file and zero-out the context.
(grub_mofile_open): Don't call grub_gettext_delete_list.
Don't close file.
(grub_gettext_init_ext): Call grub_gettext_init_ext. Skip loading
if locale="" to avoid pointless error message.
(grub_gettext_env_write_lang): Update lang even if load fails.
Handle secondary context.
(grub_gettext_reread_prefix): New function.
(read_main): Likewise.
(read_secondary): Likewise.
(GRUB_MOD_INIT): Handle secondary context. Hook and export variables.
(GRUB_MOD_FINI): Handle secondary context. Don't close file.
* grub-core/normal/main.c (read_lists): Call grub_gettext_reread_prefix.
* include/grub/normal.h (grub_gettext_reread_prefix): New proto.
lists (by always binsearching), improve caching (cache strings
used for binsearch, not only results), improve
maintainability (by using more structured binary search) and correct
error handling.
compact and more efficient code.
* grub-core/kern/list.c (grub_list_push): Moved from here ...
* include/grub/list.h (grub_list_push): ... to here. Set prev.
(grub_list_remove): Moved from here ...
* include/grub/list.h (grub_list_remove): ... here. Use and set prev.
(grub_prio_list_insert): Set prev.
* include/grub/list.h (grub_list): Add prev. All users updated.
.mo/.mo.gz opening sequence to ...
(grub_mofile_open_lang): ... here.
(grub_gettext_init_ext): If opening ll_CC fails, try ll.
* util/grub.d/00_header.in (grub_lang): Include country part of
locale.
Reported by: Mario Limonciello.
