According to the System V Application Binary Interface specification [1]
the sections holding a symbol table, SHT_SYMTAB and SHT_DYNSYM, have to
have sh_info set to "One greater than the symbol table index of the last
local symbol (binding STB_LOCAL)". Current code converting PE images to
ELF files does not do that and readelf complains in the following way:
...
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .text PROGBITS 00000000 000034 0014d4 00 AX 0 0 4
[ 2] .data PROGBITS 00000000 001508 000040 00 WA 0 0 32
[ 3] .rdata PROGBITS 00000000 001548 0006b8 00 A 0 0 4
[ 4] .module_license PROGBITS 00000000 001c00 000010 00 0 0 4
[ 5] .bss NOBITS 00000000 000000 000008 00 WA 0 0 4
[ 6] .moddeps PROGBITS 00000000 001c10 000010 00 0 0 4
[ 7] .modname PROGBITS 00000000 001c20 000008 00 0 0 4
[ 8] .rel.text REL 00000000 001c28 0008c8 08 11 1 4
[ 9] .rel.data REL 00000000 0024f0 000040 08 11 2 4
[10] .rel.rdata REL 00000000 002530 000070 08 11 3 4
[11] .symtab SYMTAB 00000000 0025a0 0001d0 10 12 0 4
[12] .strtab STRTAB 00000000 002770 000237 00 0 0 1
...
Symbol table '.symtab' contains 29 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 00000000 0 NOTYPE LOCAL DEFAULT UND
readelf: Warning: local symbol 0 found at index >= .symtab's sh_info value of 0
1: 0000144a 0 FUNC LOCAL DEFAULT 1 grub_mod_init
readelf: Warning: local symbol 1 found at index >= .symtab's sh_info value of 0
2: 000014aa 0 FUNC LOCAL DEFAULT 1 grub_mod_fini
readelf: Warning: local symbol 2 found at index >= .symtab's sh_info value of 0
3: 00000000 0 SECTION LOCAL DEFAULT 1 .text
readelf: Warning: local symbol 3 found at index >= .symtab's sh_info value of 0
4: 00000000 0 SECTION LOCAL DEFAULT 2 .data
readelf: Warning: local symbol 4 found at index >= .symtab's sh_info value of 0
5: 00000000 0 SECTION LOCAL DEFAULT 5 .bss
readelf: Warning: local symbol 5 found at index >= .symtab's sh_info value of 0
6: 00000000 0 SECTION LOCAL DEFAULT 3 .rdata
readelf: Warning: local symbol 6 found at index >= .symtab's sh_info value of 0
7: 00000000 0 NOTYPE GLOBAL DEFAULT UND grub_dma_get_phys
8: 00000000 0 NOTYPE GLOBAL DEFAULT UND grub_cs5536_write_msr
9: 00000000 0 NOTYPE GLOBAL DEFAULT UND grub_dma_free
...
Let's fix it...
[1] https://www.sco.com/developers/gabi/2012-12-31/contents.html
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
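
Added example, not part of the commit above or of GRUB's code: computing sh_info from a symbol table by the gABI rule the message quotes, and counting the entries that contradict a given sh_info the way readelf's warning does. The ex_ names and the sample table (built to mirror symbols 0-9 of the listing) are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Minimal ELF32 symbol entry (gABI layout); all ex_ names are hypothetical. */
struct ex_sym32 {
  uint32_t st_name, st_value, st_size;
  uint8_t st_info, st_other;    /* st_info: binding in high nibble, type in low */
  uint16_t st_shndx;
};
#define EX_STB_LOCAL 0
#define EX_STB_GLOBAL 1
#define EX_BIND(info) ((info) >> 4)
#define EX_INFO(bind, type) ((uint8_t) (((bind) << 4) | (type)))

/* sh_info = one greater than the index of the last STB_LOCAL symbol. */
uint32_t ex_sh_info (const struct ex_sym32 *s, size_t n)
{
  uint32_t info = 0;
  for (size_t i = 0; i < n; i++)
    if (EX_BIND (s[i].st_info) == EX_STB_LOCAL)
      info = (uint32_t) i + 1;
  return info;
}

/* Count entries on the wrong side of sh_info: locals at or above it
   (what readelf warns about) and non-locals below it. */
size_t ex_violations (const struct ex_sym32 *s, size_t n, uint32_t sh_info)
{
  size_t bad = 0;
  for (size_t i = 0; i < n; i++)
    bad += EX_BIND (s[i].st_info) == EX_STB_LOCAL ? i >= sh_info : i < sh_info;
  return bad;
}

/* Constructed sample (types: 0 NOTYPE, 2 FUNC, 3 SECTION; st_name left 0). */
const struct ex_sym32 ex_sample[10] = {
  {0, 0, 0, EX_INFO (EX_STB_LOCAL, 0), 0, 0}, {0, 0x144a, 0, EX_INFO (EX_STB_LOCAL, 2), 0, 1},
  {0, 0x14aa, 0, EX_INFO (EX_STB_LOCAL, 2), 0, 1}, {0, 0, 0, EX_INFO (EX_STB_LOCAL, 3), 0, 1},
  {0, 0, 0, EX_INFO (EX_STB_LOCAL, 3), 0, 2}, {0, 0, 0, EX_INFO (EX_STB_LOCAL, 3), 0, 5},
  {0, 0, 0, EX_INFO (EX_STB_LOCAL, 3), 0, 3}, {0, 0, 0, EX_INFO (EX_STB_GLOBAL, 0), 0, 0},
  {0, 0, 0, EX_INFO (EX_STB_GLOBAL, 0), 0, 0}, {0, 0, 0, EX_INFO (EX_STB_GLOBAL, 0), 0, 0},
};

int main (void)
{
  printf ("sh_info=%u, entries contradicting sh_info=0: %zu\n",
          (unsigned) ex_sh_info (ex_sample, 10), ex_violations (ex_sample, 10, 0));
  return 0;
}
```
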
The commit 98ad84328 (kern/dl: Check for the SHF_INFO_LINK flag in
grub_dl_relocate_symbols()) revealed a bug in the code converting PE
module images to ELF files. The missing SHF_INFO_LINK flag for SHT_REL
and SHT_RELA sections leads to hangs during GRUB load. This only happens
for the GRUB images generated on Windows platforms. The *NIX platforms
are not affected due to the lack of a PE to ELF conversion step.
This patch fixes the issue...
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
This modifies most of the places we do some form of:
X = malloc(Y * Z);
to use calloc(Y, Z) instead.
Among other issues, this fixes:
- allocation of integer overflow in grub_png_decode_image_header()
reported by Chris Coulson,
- allocation of integer overflow in luks_recover_key()
reported by Chris Coulson,
- allocation of integer overflow in grub_lvm_detect()
reported by Chris Coulson.
Fixes: CVE-2020-14308
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
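
Added example, not part of the commit above or of GRUB's code: the byte count that the `malloc(Y * Z)` pattern computes when the product wraps, beside a calloc-style allocation that refuses the request. The ex_ helpers are hypothetical (ex_calloc is not grub_calloc) and the element count is a constructed value.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Byte count as the "X = malloc (Y * Z)" pattern computes it: the product
   is reduced modulo SIZE_MAX + 1 with no indication that it overflowed. */
size_t ex_unchecked_bytes (size_t y, size_t z)
{
  return y * z;
}

/* calloc-style allocation (hypothetical helper): refuse the request when
   Y * Z cannot be represented in size_t, otherwise return zeroed memory. */
void *ex_calloc (size_t y, size_t z)
{
  void *p;
  if (z != 0 && y > SIZE_MAX / z)
    return NULL;
  p = malloc (y * z ? y * z : 1);
  if (p != NULL)
    memset (p, 0, y * z);
  return p;
}

int main (void)
{
  /* Constructed values: a count as an untrusted header field might supply
     it, with 4-byte elements. */
  size_t count = SIZE_MAX / 4 + 2, elem = 4;
  void *p = ex_calloc (count, elem);

  printf ("malloc (Y * Z) would be asked for %zu bytes to hold %zu elements\n",
          ex_unchecked_bytes (count, elem), count);
  printf ("checked allocation: %s\n", p ? "succeeded" : "refused");
  free (p);
  return 0;
}
```
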
* Makefile.am (build-grub-mkfont): Don't include gnulib.
(build-grub-gen-asciih): Likewise.
(build-grub-gen-widthspec): Likewise.
* Makefile.util.def (grub-pe2elf): Remove.
* config.h.in [GRUB_BUILD]: Use build rather than host constants.
* configure.ac: Separate tests for build.
Move ./build-grub-pe2elf to grub-core.
Fix typo.
* grub-core/Makefile.am (build-grub-pe2elf): New target.
* grub-core/kern/emu/misc.c (xasprintf): Don't compile if GRUB_BUILD is
defined.
* include/grub/types.h [GRUB_BUILD]: Use build rather than host
constants.
* util/grub-mkfont.c [GRUB_BUILD]: Simplify not to rely on argp.
* util/grub-pe2elf.c: Simplify not to rely on getopt.
* util/misc.c (program_name) [GRUB_BUILD]: Define to static string.
(write_section_data): Rename name to shname to avoid shadowing.
(write_symbol_table): Rename name to symname to avoid shadowing.
Fix write_reloc_section call.
* util/grub-pe2elf.c (MODLICENSE_SECTION): New definition. All following
sections shifted.
(insert_string): Make argument const char * instead of char *.
(write_section_data): Handle long section names.
Handle module_license.
* conf/Makefile.common (STRIPFLAGS_KERNEL): Add -F elf32-i386 and
-R .drectve on cygwin.
* conf/i386-pc-cygwin-img-ld.sc: Merge rdata and pdata into data.
* configure.ac: Use $(top_builddir) in TARGET_OBJ2ELF.
(COND_CYGWIN): New condition.
* grub-core/Makefile.am (%.mod): Set TARGET_OBJ2ELF.
* grub-core/genmod.sh.in: Use ${TARGET_OBJ2ELF} and
not @TARGET_OBJ2ELF@.
* util/grub-pe2elf.c (write_symbol_table): Use pe_symtab->type and not
type to determine whether aux is to be used.
* common.rmk (bin_UTILITIES): Add grub-pe2elf.
(grub_pe2elf_SOURCES): New macro.
(CLEANFILES): Add grub-pe2elf.
* include/grub/efi/pe32.h (GRUB_PE32_SCN_ALIGN_1BYTES): New constant.
(GRUB_PE32_SCN_ALIGN_2BYTES): Likewise.
(GRUB_PE32_SCN_ALIGN_4BYTES): Likewise.
(GRUB_PE32_SCN_ALIGN_8BYTES): Likewise.
(GRUB_PE32_SCN_ALIGN_16BYTES): Likewise.
(GRUB_PE32_SCN_ALIGN_32BYTES): Likewise.
(GRUB_PE32_SCN_ALIGN_64BYTES): Likewise.
(GRUB_PE32_SCN_ALIGN_SHIFT): Likewise.
(GRUB_PE32_SCN_ALIGN_MASK): Likewise.
(GRUB_PE32_SYM_CLASS_EXTERNAL): Likewise.
(GRUB_PE32_SYM_CLASS_STATIC): Likewise.
(GRUB_PE32_SYM_CLASS_FILE): Likewise.
(GRUB_PE32_DT_FUNCTION): Likewise.
(GRUB_PE32_REL_I386_DIR32): Likewise.
(GRUB_PE32_REL_I386_REL32): Likewise.
(grub_pe32_symbol): New structure.
(grub_pe32_reloc): Likewise.
* util/grub-pe2elf.c: New file.
* configure.ac: Set TARGET_OBJ2ELF if host os is cygwin. Don't test for
start symbol in non pc platform.
* genmk.rb: Use TARGET_OBJ2ELF to convert native object format to elf.
The following patches are from Christian Franke.
* include/grub/dl.h: Remove .previous, gas supports this only
for ELF format.
* include/grub/symbol.h [__CYGWIN__] (#define FUNCTION/VARIABLE):
Remove .type, gas supports this only for ELF format.
* kern/dl.c (grub_dl_resolve_dependencies): Add check for trailing
nullbytes in symbol table. This fixes an infinite loop if table is
zero filled.
* Makefile.in: Add autoconf replacements TARGET_IMG_LDSCRIPT,
TARGET_IMG_LDFLAGS and EXEEXT.
* aclocal.m4 (grub_PROG_OBJCOPY_ABSOLUTE): Replace -Wl,-N by
TARGET_IMG_LDFLAGS_AC.
(grub_CHECK_STACK_ARG_PROBE): New function.
* conf/i386-pc.rmk: Replace -Wl,-N by TARGET_IMG_LDFLAGS.
* conf/i386-pc-cygwin-ld-img.sc: New linker script.
* configure.ac: Add check for linker script "conf/${target}-img-ld.c"
to set TARGET_IMG_LD* accordingly.
Add check for Cygwin to set TARGET_MOD_OBJCOPY accordingly.
Add call to grub_CHECK_STACK_ARG_PROBE.
Use TARGET_IMG_LDFLAGS to check start, bss_start, end symbols.
* genkernsyms.sh.in: Handle HAVE_ASM_USCORE case.
* genmk.rb: Add EXEEXT to CLEANFILES.