tablet/grub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,928 Commits 1 Branch 0 Tags 49 MiB
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Peter Jones a4d3fbdff1 yylex: Make lexer fatal errors actually be fatal 
When presented with a command that can't be tokenized to anything
smaller than YYLMAX characters, the parser calls YY_FATAL_ERROR(errmsg),
expecting that will stop further processing, as such:

  #define YY_DO_BEFORE_ACTION \
        yyg->yytext_ptr = yy_bp; \
        yyleng = (int) (yy_cp - yy_bp); \
        yyg->yy_hold_char = *yy_cp; \
        *yy_cp = '\0'; \
        if ( yyleng >= YYLMAX ) \
                YY_FATAL_ERROR( "token too large, exceeds YYLMAX" ); \
        yy_flex_strncpy( yytext, yyg->yytext_ptr, yyleng + 1 , yyscanner); \
        yyg->yy_c_buf_p = yy_cp;

The code flex generates expects that YY_FATAL_ERROR() will either return
for it or do some form of longjmp(), or handle the error in some way at
least, and so the strncpy() call isn't in an "else" clause, and thus if
YY_FATAL_ERROR() is *not* actually fatal, it does the call with the
questionable limit, and predictable results ensue.

Unfortunately, our implementation of YY_FATAL_ERROR() is:

   #define YY_FATAL_ERROR(msg)                     \
     do {                                          \
       grub_printf (_("fatal error: %s\n"), _(msg));     \
     } while (0)

The same pattern exists in yyless(), and similar problems exist in users
of YY_INPUT(), several places in the main parsing loop,
yy_get_next_buffer(), yy_load_buffer_state(), yyensure_buffer_stack,
yy_scan_buffer(), etc.

All of these callers expect YY_FATAL_ERROR() to actually be fatal, and
the things they do if it returns after calling it are wildly unsafe.

Fixes: CVE-2020-10713

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
asm-tests
asm-tests/i386-pc: Check that movl is 5 bytes.
2016-09-28 20:31:04 +03:00
conf
gettext: Restore patches to po/Makefile.in.in
2020-03-10 21:17:54 +01:00
docs
docs/grub: Support for probing partition UUID on MSDOS disks
2020-05-15 15:27:58 +02:00
grub-core
yylex: Make lexer fatal errors actually be fatal
2020-07-29 16:55:47 +02:00
include
tpm: Rename function grub_tpm_log_event() to grub_tpm_measure()
2020-05-15 15:37:28 +02:00
po
po: Fix replacement of %m in sed programs
2020-03-10 21:32:09 +01:00
tests
syslinux: Fix syslinux_test in out-of-tree builds
2019-03-05 10:27:53 +01:00
themes/starfield
Starfield theme.
2012-02-23 17:21:38 +01:00
unicode
* unicode: Import Unicode 6.0 data.
2011-12-25 16:17:25 +01:00
util
templates/20_linux_xen: Support Xen Security Modules (XSM/FLASK)
2020-05-25 15:00:56 +02:00
.gitattributes
gitattributes: Mark po/exclude.pot as binary so git won't try to diff nonprintables
2019-09-23 13:17:15 +02:00
.gitignore
gitignore: Add a few forgotten file patterns
2020-05-15 15:06:21 +02:00
.travis.yml
travis: Add Travis CI config file
2019-02-25 14:02:06 +01:00
acinclude.m4
Fix -nopie/-nopie check.
2017-01-30 19:38:55 +01:00
AUTHORS
2005-09-03 Yoshinori K. Okuji <okuji@enbug.org>
2005-09-03 16:54:27 +00:00
autogen.sh
autogen: Replace -iname with -ipath in find command
2020-05-15 15:35:59 +02:00
bootstrap
gnulib: Upgrade Gnulib and switch to bootstrap tool
2019-03-05 10:48:12 +01:00
bootstrap.conf
gettext: Restore patches to po/Makefile.in.in
2020-03-10 21:17:54 +01:00
BUGS
* BUGS: New file.
2011-01-11 00:06:01 +01:00
ChangeLog-2015
Autogenerate ChangeLog from git changelog.
2015-01-24 17:29:50 +01:00
config.h.in
Remove libgcc dependency.
2015-03-03 20:50:37 +01:00
configure.ac
INSTALL/configure: Update install doc and configure comment
2020-05-25 14:49:53 +02:00
COPYING
2007-07-22 Yoshinori K. Okuji <okuji@enbug.org>
2007-07-21 23:32:33 +00:00
coreboot.cfg
* coreboot.cfg: Add missing file.
2013-11-20 00:52:23 +01:00
geninit.sh
automake commit without merge history
2010-05-06 11:34:04 +05:30
gentpl.py
build: Fix GRUB i386-pc build with Ubuntu gcc
2020-03-31 12:17:02 +02:00
INSTALL
INSTALL/configure: Update install doc and configure comment
2020-05-25 14:49:53 +02:00
linguas.sh
linguas: Don't skip ko.po.
2017-02-04 00:06:57 +01:00
Makefile.am
Makefile: Make libgrub.pp depend on config-util.h
2020-03-10 21:39:53 +01:00
Makefile.util.def
templates: Output a menu entry for firmware setup on UEFI FastBoot systems
2020-04-21 22:14:12 +02:00
NEWS
Release 2.04
2019-07-04 15:57:30 +02:00
README
README: Remove dead link to the wiki
2015-11-06 04:31:23 +01:00
THANKS
2009-12-11 Robert Millan <rmh.grub@aybabtu.com>
2009-12-11 22:44:47 +00:00
TODO
TODO: Remove obsolete link
2016-02-12 17:51:52 +01:00

README 

This is GRUB 2, the second version of the GRand Unified Bootloader.
GRUB 2 is rewritten from scratch to make GNU GRUB cleaner, safer, more
robust, more powerful, and more portable.

See the file NEWS for a description of recent changes to GRUB 2.

See the file INSTALL for instructions on how to build and install the
GRUB 2 data and program files.

Please visit the official web page of GRUB 2, for more information.
The URL is <http://www.gnu.org/software/grub/grub.html>.

More extensive documentation is available in the Info manual,
accessible using 'info grub' after building and installing GRUB 2.

There are a number of important user-visible differences from the
first version of GRUB, now known as GRUB Legacy. For a summary, please
see:

  info grub Introduction 'Changes from GRUB Legacy'
Description
No description provided
Readme
Languages
C 82.5%
Assembly 13.6%
M4 1.4%
Shell 1.3%
Makefile 0.5%
Other 0.5%