grub/grub-core at 16c0dbf4bc6a953c41bc7a031b36dfa8e906afea - grub - Gitea: Git with a cup of tea.... and pages of fanfiction!

tablet/grub

History

Konrad Rzeszutek Wilk 16c0dbf4bc lzma: Make sure we don't dereference past array

The two dimensional array p->posSlotEncoder[4][64] is being dereferenced
using the GetLenToPosState() macro which checks if len is less than 5,
and if so subtracts 2 from it. If len = 0, that is 0 - 2 = 4294967294.
Obviously we don't want to dereference that far out so we check if the
position found is greater or equal kNumLenToPosStates (4) and bail out.

N.B.: Upstream LZMA 18.05 and later has this function completely rewritten
without any history.

Fixes: CID 51526

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

2020-07-29 16:55:48 +02:00

..

A workaround for clang problem assembling startup_raw.S

2019-04-08 15:22:10 +10:00

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

malloc: Use overflow checking primitives where we do complex allocations

2020-07-29 16:55:47 +02:00

malloc: Use overflow checking primitives where we do complex allocations

2020-07-29 16:55:47 +02:00

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

font: Do not load more than one NAME section

2020-07-29 16:55:48 +02:00

iso9660: Don't leak memory on realloc() failures

2020-07-29 16:55:48 +02:00

i386, x86_64, ppc: fix switch fallthrough cases with GCC7

2017-04-04 19:23:55 +03:00

verifiers: File type for fine-grained signature-verification controlling

2018-11-09 13:25:31 +01:00

gfxmenu: Fix double free in load_image()

2020-07-29 16:55:48 +02:00

* grub-core/commands/gptsync.c: Fix typographic quoting.

2012-03-03 13:05:08 +01:00

* grub-core/hook/datehook.c (grub_read_hook_datetime): Small stylistic

2011-11-11 21:03:49 +01:00

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

lzma: Make sure we don't dereference past array

2020-07-29 16:55:48 +02:00

xnu: Fix double free in grub_xnu_devprop_add_property()

2020-07-29 16:55:48 +02:00

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

malloc: Use overflow checking primitives where we do complex allocations

2020-07-29 16:55:47 +02:00

malloc: Use overflow checking primitives where we do complex allocations

2020-07-29 16:55:47 +02:00

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

* grub-core/net/http.c: Add TRANSLATORS comments.

2012-03-05 16:42:26 +01:00

malloc: Use overflow checking primitives where we do complex allocations

2020-07-29 16:55:47 +02:00

efi/console: Do not set text-mode until we actually need it

2020-04-21 22:13:14 +02:00

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

malloc: Use overflow checking primitives where we do complex allocations

2020-07-29 16:55:47 +02:00

gdb_grub.in

* grub-core/gdb_grub.in: Fix overflow and wrong field.

2013-10-14 03:40:20 +02:00

genemuinit.sh

use MODULE_FILES for genemuinit* instead of MOD_FILES

2014-01-18 23:15:40 +04:00

genemuinitheader.sh

use MODULE_FILES for genemuinit* instead of MOD_FILES

2014-01-18 23:15:40 +04:00

genmod.sh.in

.mod files: Strip annobin annotations and .eh_frame, and their relocations

2018-03-05 14:08:22 +01:00

genmoddep.awk

enforcing fixup

2017-08-14 16:27:10 +02:00

gensyminfo.sh.in

Fix shebang for termux.

2017-05-03 12:49:31 +02:00

gensymlist.sh

Make 'make check' work on emu.

2013-04-27 02:00:16 +02:00

gentrigtables.c

* grub-core/gentrigtables.c: Make tables const.

2013-03-01 11:15:09 +01:00

gmodule.pl.in

* grub-core/gmodule.pl.in: Accept newer binutils which output

2014-09-21 18:23:23 +02:00

Makefile.am

RISC-V: Add to build system

2019-02-25 14:02:05 +01:00

Makefile.core.def

tpm: Enable module for all EFI platforms

2020-05-25 14:50:42 +02:00

modinfo.sh.in

Fix shebang for termux.

2017-05-03 12:49:31 +02:00