proxmox-mirrors/grub2
1
0
Fork 0
mirror of https://git.proxmox.com/git/grub2 synced 2025-08-14 16:59:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

io/gzio: Bail if gzio->tl/td is NULL

Browse Source 
This is an ugly fix that doesn't address why gzio->tl comes to be NULL.
However, it seems to be sufficient to patch up a bunch of NULL derefs.

It would be good to revisit this in future and see if we can have
a cleaner solution that addresses some of the causes of the unexpected
NULL pointers.

Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Daniel Axtens 2021-01-13 20:59:09 +11:00 committed by Daniel Kiper
parent ca5d9ac206
commit 3334a5e6c8
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
grub-core/io/gzio.c
View File

@ -669,6 +669,13 @@ inflate_codes_in_window (grub_gzio_t gzio)
{
if (! gzio->code_state)
{
if (gzio->tl == NULL)
{
grub_error (GRUB_ERR_BAD_COMPRESSED_DATA, "NULL gzio->tl");
return 1;
}
NEEDBITS ((unsigned) gzio->bl);
if ((e = (t = gzio->tl + ((unsigned) b & ml))->e) > 16)
do
@ -707,6 +714,12 @@ inflate_codes_in_window (grub_gzio_t gzio)
n = t->v.n + ((unsigned) b & mask_bits[e]);
DUMPBITS (e);
if (gzio->td == NULL)
{
grub_error (GRUB_ERR_BAD_COMPRESSED_DATA, "NULL gzio->td");
return 1;
}
/* decode distance of block to copy */
NEEDBITS ((unsigned) gzio->bd);
if ((e = (t = gzio->td + ((unsigned) b & md))->e) > 16)
@ -917,6 +930,13 @@ init_dynamic_block (grub_gzio_t gzio)
n = nl + nd;
m = mask_bits[gzio->bl];
i = l = 0;
if (gzio->tl == NULL)
{
grub_error (GRUB_ERR_BAD_COMPRESSED_DATA, "NULL gzio->tl");
return;
}
while ((unsigned) i < n)
{
NEEDBITS ((unsigned) gzio->bl);