tablet/grub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,049 Commits 1 Branch 0 Tags 49 MiB
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Lidong Chen ab09fd0531 fs/jfs: Fix OOB read caused by invalid dir slot index 
While fuzz testing JFS with ASAN enabled an OOB read was detected in
grub_jfs_opendir(). The issue occurred due to an invalid directory slot
index in the first entry of the sorted directory slot array in the inode
directory header. The fix ensures the slot index is validated before
accessing it. Given that an internal or a leaf node in a directory B+
tree is a 4 KiB in size and each directory slot is always 32 bytes, the
max number of slots in a node is 128. The validation ensures that the
slot index doesn't exceed this limit.

[1] https://jfs.sourceforge.net/project/pub/jfslayout.pdf

  JFS will allocate 4K of disk space for an internal node of the B+ tree.
  An internal node looks the same as a leaf node.
          - page 10

  Fixed number of Directory Slots depending on the size of the node. These are
  the slots to be used for storing the directory slot array and the directory
  entries or router entries. A directory slot is always 32 bytes.
  ...
  A Directory Slot Array which is a sorted array of indices to the directory
  slots that are currently in use.
  ...
  An internal or a leaf node in the directory B+ tree is a 4K page.
          - page 25

Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
2025-01-23 16:22:46 +01:00
asm-tests
asm-tests/i386-pc: Check that movl is 5 bytes.
2016-09-28 20:31:04 +03:00
conf
build: Track explicit module dependencies in Makefile.core.def
2024-05-09 15:04:54 +02:00
docs
docs: Document TPM2 key protector
2024-11-28 21:50:56 +01:00
grub-core
fs/jfs: Fix OOB read caused by invalid dir slot index
2025-01-23 16:22:46 +01:00
include
misc: Implement grub_strlcpy()
2024-12-02 17:32:51 +01:00
po
po: Un-transliterate the %zu format code
2022-03-14 23:05:00 +01:00
tests
tests: Add tpm2_key_protector_test
2024-11-28 21:50:56 +01:00
themes/starfield
Starfield theme.
2012-02-23 17:21:38 +01:00
unicode
* unicode: Import Unicode 6.0 data.
2011-12-25 16:17:25 +01:00
util
util/grub-protect: Add new tool
2024-11-28 21:50:55 +01:00
.gitattributes
gitattributes: Mark po/exclude.pot as binary so git won't try to diff nonprintables
2019-09-23 13:17:15 +02:00
.gitignore
util/grub-protect: Add new tool
2024-11-28 21:50:55 +01:00
.travis.yml
travis: Run bootstrap to fix build
2020-09-18 22:31:30 +02:00
acinclude.m4
configure: Replace -Wl,-r,-d with -Wl,-r and add -fno-common
2022-03-07 15:05:22 +01:00
AUTHORS
2005-09-03 Yoshinori K. Okuji <okuji@enbug.org>
2005-09-03 16:54:27 +00:00
autogen.sh
asn1_test: Test module for libtasn1
2024-11-28 21:50:54 +01:00
bootstrap
gnulib: Update gnulib version and drop most gnulib patches
2022-03-21 19:14:54 +01:00
bootstrap.conf
bootstrap: Don't check gettext version
2023-12-13 13:25:34 +01:00
BUGS
* BUGS: New file.
2011-01-11 00:06:01 +01:00
config.h.in
efi: Generate stack protector canary at build time if urandom is available
2023-12-20 14:31:50 +01:00
configure.ac
util/grub-protect: Add new tool
2024-11-28 21:50:55 +01:00
COPYING
2007-07-22 Yoshinori K. Okuji <okuji@enbug.org>
2007-07-21 23:32:33 +00:00
coreboot.cfg
* coreboot.cfg: Add missing file.
2013-11-20 00:52:23 +01:00
geninit.sh
automake commit without merge history
2010-05-06 11:34:04 +05:30
gentpl.py
gentpl: Put boot/mips/startup_raw.S into beginning of the image
2024-09-05 17:25:27 +02:00
INSTALL
tests: Switch to requiring exfatprogs from exfat-utils
2024-06-20 15:19:12 +02:00
linguas.sh
linguas: Don't skip ko.po.
2017-02-04 00:06:57 +01:00
MAINTAINERS
SECURITY: Add SECURITY file
2021-06-08 14:24:34 +02:00
Makefile.am
Makefile: Make grub_fstest.pp depend on config-util.h
2022-08-10 14:24:46 +02:00
Makefile.util.def
tests: Add tpm2_key_protector_test
2024-11-28 21:50:56 +01:00
NEWS
Release 2.12
2023-12-20 16:54:46 +01:00
README
SECURITY: Add SECURITY file
2021-06-08 14:24:34 +02:00
SECURITY
SECURITY: Add SECURITY file
2021-06-08 14:24:34 +02:00
THANKS
2009-12-11 Robert Millan <rmh.grub@aybabtu.com>
2009-12-11 22:44:47 +00:00
TODO
TODO: Remove obsolete link
2016-02-12 17:51:52 +01:00

README 

This is GRUB 2, the second version of the GRand Unified Bootloader.
GRUB 2 is rewritten from scratch to make GNU GRUB cleaner, safer, more
robust, more powerful, and more portable.

See the file NEWS for a description of recent changes to GRUB 2.

See the file INSTALL for instructions on how to build and install the
GRUB 2 data and program files.

See the file MAINTAINERS for information about the GRUB maintainers, etc.

If you found a security vulnerability in the GRUB please check the SECURITY
file to get more information how to properly report this kind of bugs to
the maintainers.

Please visit the official web page of GRUB 2, for more information.
The URL is <http://www.gnu.org/software/grub/grub.html>.

More extensive documentation is available in the Info manual,
accessible using 'info grub' after building and installing GRUB 2.

There are a number of important user-visible differences from the
first version of GRUB, now known as GRUB Legacy. For a summary, please
see:

  info grub Introduction 'Changes from GRUB Legacy'
Description
No description provided
Readme
Languages
C 82.5%
Assembly 13.6%
M4 1.4%
Shell 1.3%
Makefile 0.5%
Other 0.5%