tablet/grub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
grub/grub-core/lib
History
Peter Jones 3f05d693d1 malloc: Use overflow checking primitives where we do complex allocations 
This attempts to fix the places where we do the following where
arithmetic_expr may include unvalidated data:

  X = grub_malloc(arithmetic_expr);

It accomplishes this by doing the arithmetic ahead of time using grub_add(),
grub_sub(), grub_mul() and testing for overflow before proceeding.

Among other issues, this fixes:
  - allocation of integer overflow in grub_video_bitmap_create()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_squash_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_ext2_read_symlink()
    reported by Chris Coulson,
  - allocation of integer overflow in read_section_as_string()
    reported by Chris Coulson.

Fixes: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
..
arc
sgi support
2011-05-13 16:36:05 +02:00
arm
* grub-core/kern/arm/cache.S: Don't switch back to ARM mode when
2013-11-16 17:37:06 +01:00
arm64
arm64/setjmp: Add missing move for arg1 == 0 case.
2016-01-07 21:10:05 +01:00
dummy
arm-coreboot: Start new port.
2017-05-08 20:53:28 +02:00
efi
RISC-V: Add to build system
2019-02-25 14:02:05 +01:00
emu
Add missing emu/halt.c
2010-08-30 00:54:15 +02:00
gnulib-patches
gnulib: Fix build of base64 when compiling with memory debugging
2020-03-10 21:58:36 +01:00
i386
freedos: Fix FreeDOS command booting large files (near or above 64 KiB)
2020-01-28 21:16:48 +01:00
ia64
* grub-core/lib/ia64/longjmp.S: Fix the name of longjmp function.
2013-03-02 15:31:17 +01:00
ieee1275
iee1275/datetime: Fix off-by-1 error.
2016-01-07 15:53:42 +01:00
json
calloc: Use calloc() at most places
2020-07-29 16:55:47 +02:00
libgcrypt
calloc: Use calloc() at most places
2020-07-29 16:55:47 +02:00
libgcrypt_wrap
calloc: Make sure we always have an overflow-checking calloc() available
2020-07-29 16:55:47 +02:00
minilzo
minilzo: Update to minilzo-2.08
2020-02-11 21:30:30 +01:00
mips
mips: Make setjmp code N32-compliant.
2015-10-11 13:20:26 +02:00
posix_wrap
calloc: Make sure we always have an overflow-checking calloc() available
2020-07-29 16:55:47 +02:00
powerpc
* grub-core/lib/powerpc/setjmp.S (grub_setjmp): Save r31.
2013-11-18 02:35:32 +01:00
riscv
RISC-V: Add setjmp implementation
2019-02-25 11:28:44 +01:00
sparc64
* grub-core/lib/sparc64/setjmp.S: Force spilling of current window.
2013-11-18 10:01:36 +01:00
uboot
Rename uboot/datetime to dummy/datetime.
2017-05-08 19:40:14 +02:00
x86_64
xen: modify page table construction
2016-10-27 16:22:06 +02:00
xen
xen: modify page table construction
2016-10-27 16:22:06 +02:00
xzembed
Change fs functions to add fs_ prefix
2019-04-09 10:03:29 +10:00
zstd
calloc: Use calloc() at most places
2020-07-29 16:55:47 +02:00
adler32.c
* grub-core/lib/adler32.c: Recode due to license unclearness.
2012-04-07 19:58:39 +02:00
arg.c
malloc: Use overflow checking primitives where we do complex allocations
2020-07-29 16:55:47 +02:00
backtrace.c
* grub-core/disk/ahci.c: Add needed explicit cast.
2013-08-21 21:02:14 +02:00
cmdline.c
verifiers: Add possibility to verify kernel and modules command lines
2018-11-09 13:25:31 +01:00
cmos_datetime.c
CMOS support on sparc.
2011-07-05 20:24:20 +02:00
crc64.c
Remove several trivially-unnecessary uses of nested functions.
2012-12-31 17:31:38 +00:00
crc.c
Remove several trivially-unnecessary uses of nested functions.
2012-12-31 17:31:38 +00:00
crypto.c
core: use GRUB_TERM_ definitions when handling term characters
2017-08-07 19:28:22 +02:00
datetime.c
normal: Move common datetime functions out of the normal module
2020-02-18 15:12:06 +01:00
disk.c
Rename grub_disk members
2019-03-25 15:14:52 +01:00
division.c
core: avoid NULL derefrence in grub_divmod64s
2015-04-06 19:30:51 +03:00
envblk.c
envblk: Fix buffer overrun when attempting to shrink a variable value
2020-05-15 15:24:59 +02:00
fake_module.c
Add new all_video module.
2012-02-26 18:09:07 +01:00
fdt.c
fdt: Move prop_entry_size to fdt.h
2018-06-23 21:40:55 +02:00
getline.c
Implement syslinux parser.
2013-12-18 05:28:05 +01:00
hexdump.c
automake commit without merge history
2010-05-06 11:34:04 +05:30
legacy_parse.c
misc: Make grub_strtol() "end" pointers have safer const qualifiers
2020-02-28 12:41:29 +01:00
LzFind.c
* grub-core/lib/LzFind.c (MatchFinder_GetIndexByte): Rename index to
2012-02-10 12:21:28 +01:00
LzmaDec.c
* include/grub/lib/LzmaDec.h: Fix to include LzmaTypes.h and
2013-11-10 20:37:01 +01:00
LzmaEnc.c
* conf/Makefile.common (CFLAGS_GNULIB): Add
2012-02-24 12:30:32 +01:00
pbkdf2.c
Remove pragmas related to -Wunreachable-code
2016-01-20 15:56:55 +00:00
priority_queue.c
calloc: Use calloc() at most places
2020-07-29 16:55:47 +02:00
progress.c
Disable progress indicator in grub-shell.
2016-01-05 21:10:10 +01:00
random.c
Add RNG module.
2016-02-12 12:39:38 +01:00
reed_solomon.c
calloc: Use calloc() at most places
2020-07-29 16:55:47 +02:00
relocator.c
calloc: Use calloc() at most places
2020-07-29 16:55:47 +02:00
setjmp.S
RISC-V: Add to build system
2019-02-25 14:02:05 +01:00
syslinux_parse.c
misc: Make grub_strtol() "end" pointers have safer const qualifiers
2020-02-28 12:41:29 +01:00