mirror of
https://git.proxmox.com/git/grub2
synced 2025-07-21 20:18:54 +00:00
Valgrind identified the following use of uninitialized data:

```
==2782220== Conditional jump or move depends on uninitialised value(s)
==2782220==    at 0x42B364: grub_hfsplus_btree_search (hfsplus.c:566)
==2782220==    by 0x42B21D: grub_hfsplus_read_block (hfsplus.c:185)
==2782220==    by 0x42A693: grub_fshelp_read_file (fshelp.c:386)
==2782220==    by 0x42C598: grub_hfsplus_read_file (hfsplus.c:219)
==2782220==    by 0x42C598: grub_hfsplus_mount (hfsplus.c:330)
==2782220==    by 0x42B8C5: grub_hfsplus_dir (hfsplus.c:958)
==2782220==    by 0x4C1AE6: grub_fs_probe (fs.c:73)
==2782220==    by 0x407C94: grub_ls_list_files (ls.c:186)
==2782220==    by 0x407C94: grub_cmd_ls (ls.c:284)
==2782220==    by 0x4D7130: grub_extcmd_dispatcher (extcmd.c:55)
==2782220==    by 0x4045A6: execute_command (grub-fstest.c:59)
==2782220==    by 0x4045A6: fstest (grub-fstest.c:433)
==2782220==    by 0x4045A6: main (grub-fstest.c:772)
==2782220==  Uninitialised value was created by a heap allocation
==2782220==    at 0x483C7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==2782220==    by 0x4C0305: grub_malloc (mm.c:42)
==2782220==    by 0x42C21D: grub_hfsplus_mount (hfsplus.c:239)
==2782220==    by 0x42B8C5: grub_hfsplus_dir (hfsplus.c:958)
==2782220==    by 0x4C1AE6: grub_fs_probe (fs.c:73)
==2782220==    by 0x407C94: grub_ls_list_files (ls.c:186)
==2782220==    by 0x407C94: grub_cmd_ls (ls.c:284)
==2782220==    by 0x4D7130: grub_extcmd_dispatcher (extcmd.c:55)
==2782220==    by 0x4045A6: execute_command (grub-fstest.c:59)
==2782220==    by 0x4045A6: fstest (grub-fstest.c:433)
==2782220==    by 0x4045A6: main (grub-fstest.c:772)
```

This happens when the process of reading the catalog file goes sufficiently wrong that there's an attempt to read the extent overflow file, which has not yet been loaded. Keep track of when the extent overflow file is fully loaded and refuse to use it before then.

The load valgrind doesn't like is btree->nodesize, and that's then used to allocate a data structure. It looks like there are subsequently a lot of reads based on that pointer so OOB reads are likely, and indeed crashes (albeit difficult-to-replicate ones) have been observed in fuzzing.

Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
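The guard the commit message describes, as an added example that is not GRUB's code: a small C model of the HFS+ mount sequence in which block lookups that fall through to the extent overflow B-tree are refused until the tree has actually been loaded, so its `nodesize` is never read while still uninitialised. The struct and function names (`hfsplus_data`, `extoverflow_tree_ready`, `read_block`, `load_extoverflow`) and all block numbers are constructed for the example.

```c
#include <stdint.h>
/* Model of the guard the commit describes (added example, not GRUB's code): the
 * extent overflow B-tree must not be consulted until mount has loaded it. */
#define ERR_NONE 0
#define ERR_BAD_FS 1
#define ERR_OUT_OF_RANGE 2
#define INLINE_EXTENTS 4
struct btree {
    uint32_t nodesize;      /* read from the header node; garbage until loaded */
    const uint32_t *blocks; /* constructed stand-in for the records the tree maps */
    uint32_t nblocks;
};
struct hfsplus_data {
    uint32_t catalog_blocks[INLINE_EXTENTS]; /* extents kept in the volume header */
    struct btree extoverflow;
    int extoverflow_tree_ready;              /* the flag the fix introduces */
};
/* Map a logical block of the catalog file to a physical block. Blocks past the
 * inline extents live in the extent overflow file, which may not be loaded yet. */
static int read_block(struct hfsplus_data *d, uint32_t fileblock, uint32_t *out)
{
    if (fileblock < INLINE_EXTENTS) { *out = d->catalog_blocks[fileblock]; return ERR_NONE; }
    /* Refuse rather than use extoverflow.nodesize before it has been read. */
    if (!d->extoverflow_tree_ready)
        return ERR_BAD_FS;
    if (fileblock - INLINE_EXTENTS >= d->extoverflow.nblocks)
        return ERR_OUT_OF_RANGE;
    *out = d->extoverflow.blocks[fileblock - INLINE_EXTENTS];
    return ERR_NONE;
}
static void load_extoverflow(struct hfsplus_data *d, uint32_t nodesize,
                             const uint32_t *blocks, uint32_t n)
{
    d->extoverflow.nodesize = nodesize;
    d->extoverflow.blocks = blocks;
    d->extoverflow.nblocks = n;
    d->extoverflow_tree_ready = 1; /* only now may read_block consult the tree */
}
/* Mount sequence on constructed data; returns 1 if the guard behaved as intended. */
int demo(void)
{
    static const uint32_t overflow[] = {900, 901}; /* constructed sample records */
    struct hfsplus_data d = { .catalog_blocks = {10, 11, 12, 13} };
    uint32_t phys = 0;
    int before = read_block(&d, 5, &phys); /* needs the overflow tree: not loaded yet */
    load_extoverflow(&d, 4096, overflow, 2);
    int after = read_block(&d, 5, &phys);  /* same lookup after loading succeeds */
    return before == ERR_BAD_FS && after == ERR_NONE && phys == 901;
}
```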
This is GRUB 2, the second version of the GRand Unified Bootloader. GRUB 2 is rewritten from scratch to make GNU GRUB cleaner, safer, more robust, more powerful, and more portable.

See the file NEWS for a description of recent changes to GRUB 2.

See the file INSTALL for instructions on how to build and install the GRUB 2 data and program files.

Please visit the official web page of GRUB 2 for more information. The URL is <http://www.gnu.org/software/grub/grub.html>.

More extensive documentation is available in the Info manual, accessible using 'info grub' after building and installing GRUB 2.

There are a number of important user-visible differences from the first version of GRUB, now known as GRUB Legacy. For a summary, please see:

    info grub Introduction 'Changes from GRUB Legacy'