grub/grub-core at 09bd6eb58b0f71ec273916070fa1e2de16897a91 - grub - Gitea: Git with a cup of tea.... and pages of fanfiction!

tablet/grub

History

Lidong Chen 09bd6eb58b gettext: Integer overflow leads to heap OOB write or read

Calculation of ctx->grub_gettext_msg_list size in grub_mofile_open() may
overflow leading to subsequent OOB write or read. This patch fixes the
issue by replacing grub_zalloc() and explicit multiplication with
grub_calloc() which does the same thing in safe manner.

Fixes: CVE-2024-45776

Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>

2025-02-13 15:45:55 +01:00

..

A workaround for clang problem assembling startup_raw.S

2019-04-08 15:22:10 +10:00

build: Fix -Werror=array-bounds array subscript 0 is outside array bounds

2022-04-20 18:27:52 +02:00

commands/pgp: Unregister the "check_signatures" hooks on module unload

2025-02-13 15:45:55 +01:00

disk/loopback: Reference tracking for the loopback

2025-01-23 16:22:47 +01:00

types: Split aligned and packed guids

2023-11-08 05:04:24 +01:00

font: Try opening fonts from the bundled memdisk

2023-05-16 18:51:12 +02:00

kern/file: Implement filesystem reference counting

2025-01-23 16:22:47 +01:00

misc: Spelling fixes

2023-01-19 17:39:04 +01:00

gettext: Integer overflow leads to heap OOB write or read

2025-02-13 15:45:55 +01:00

gfxmenu/view: Resolve false grub_errno disrupting boot process

2024-04-11 15:48:25 +02:00

* grub-core/commands/gptsync.c: Fix typographic quoting.

2012-03-03 13:05:08 +01:00

* grub-core/hook/datehook.c (grub_read_hook_datetime): Small stylistic

2011-11-11 21:03:49 +01:00

io/gzio: Properly init a table

2024-06-06 16:55:15 +02:00

kern/dl: Check for the SHF_INFO_LINK flag in grub_dl_relocate_symbols()

2025-02-13 15:45:55 +01:00

ieee1275/tcg2: Add TCG2 driver for ieee1275 PowerPC firmware

2024-11-28 22:57:09 +01:00

loader/multiboot: Do not add modules before successful download

2024-10-31 16:29:01 +01:00

efi: Drop all uses of efi_call_XX() wrappers

2023-05-25 16:48:00 +02:00

net/tftp: Fix stack buffer overflow in tftp_open()

2025-02-13 15:45:55 +01:00

normal: Remove variables hooks on module unload

2025-02-13 15:45:55 +01:00

osdep/devmapper/getroot: Unmark 2 strings for translation

2024-06-20 19:14:41 +02:00

gpt: Add compile time asserts for guid and gpt_partentry sizes

2023-11-08 05:05:06 +01:00

types: Make bool generally available

2022-11-14 17:17:21 +01:00

script/execute: Limit the recursion depth

2025-01-23 16:22:47 +01:00

ieee1275: Consolidate repeated definitions of IEEE1275_IHANDLE_INVALID

2024-11-28 22:15:29 +01:00

asn1_test: Test module for libtasn1

2024-11-28 21:50:54 +01:00

video/readers/jpeg: Do not permit duplicate SOF0 markers in JPEG

2025-02-13 15:45:55 +01:00

gdb_grub.in

gdb: Add extra early initialization symbols for i386-pc

2023-03-14 16:07:54 +01:00

gdb_helper.py.in

gdb: Modify gdb prompt when running gdb_grub script

2023-03-14 16:07:54 +01:00

genemuinit.sh

use MODULE_FILES for genemuinit* instead of MOD_FILES

2014-01-18 23:15:40 +04:00

genemuinitheader.sh

use MODULE_FILES for genemuinit* instead of MOD_FILES

2014-01-18 23:15:40 +04:00

genmod.sh.in

modules: Strip .llvm_addrsig sections and similar

2024-10-10 13:18:00 +02:00

genmoddep.awk

build: Track explicit module dependencies in Makefile.core.def

2024-05-09 15:04:54 +02:00

gensyminfo.sh.in

Fix shebang for termux.

2017-05-03 12:49:31 +02:00

gensymlist.sh

config: Where present, ensure config-util.h precedes config.h

2022-03-21 18:47:16 +01:00

gentrigtables.c

* grub-core/gentrigtables.c: Make tables const.

2013-03-01 11:15:09 +01:00

Makefile.am

key_protector: Add key protectors framework

2024-11-28 21:50:55 +01:00

Makefile.core.def

tpm2_key_protector: Enable build for powerpc_ieee1275

2024-11-28 23:02:24 +01:00

modinfo.sh.in

Fix shebang for termux.

2017-05-03 12:49:31 +02:00