grub2/grub-core/net
Daniel Axtens 870b94755b net/http: Error out on headers with LF without CR
In a similar vein to the previous patch, parse_line() would write
a NUL byte past the end of the buffer if there was an HTTP header
with a LF rather than a CRLF.

RFC-2616 says:

  Many HTTP/1.1 header field values consist of words separated by LWS
  or special characters. These special characters MUST be in a quoted
  string to be used within a parameter value (as defined in section 3.6).

We don't support quoted sections or continuation lines, etc.

If we see an LF that's not part of a CRLF, bail out.

Fixes: CVE-2022-28734

Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2022-06-08 12:41:03 +02:00
drivers efinet: Setting DNS server from UEFI protocol 2021-09-27 20:09:39 +01:00
arp.c Add Virtual LAN support. 2017-05-03 13:03:50 +02:00
bootp.c bootp: Add processing DHCPACK packet from HTTP Boot 2021-09-27 20:09:39 +01:00
dns.c net/dns: Don't read past the end of the string we're checking against 2022-06-08 12:41:03 +02:00
ethernet.c Add Virtual LAN support. 2017-05-03 13:03:50 +02:00
http.c net/http: Error out on headers with LF without CR 2022-06-08 12:41:03 +02:00
icmp6.c net: fix ipv6 routing 2016-02-25 22:38:52 +03:00
icmp.c arp, icmp: Fix handling in case of oversized or invalid packets. 2015-03-27 12:18:25 +01:00
ip.c net/ip: Do IP fragment maths safely 2022-06-08 12:41:03 +02:00
net.c net/tftp: Prevent a UAF and double-free from a failed seek 2022-06-08 12:41:03 +02:00
netbuff.c net/netbuff: Block overly large netbuff allocs 2022-06-08 12:41:03 +02:00
tcp.c tcp: fix memory leaks 2016-01-16 20:59:50 +03:00
tftp.c net/tftp: Avoid a trivial UAF 2022-06-08 12:41:03 +02:00
udp.c * grub-core/disk/ahci.c: Add needed explicit cast. 2013-08-21 21:02:14 +02:00