grub2/grub-core/lib
Daniel Axtens 2a330dba93 lib/arg: Block repeated short options that require an argument
Fuzzing found the following crash:

  search -hhhhhhhhhhhhhf

We didn't allocate enough option space for 13 hints because the
allocation code counts the number of discrete arguments (i.e. argc).
However, the shortopt parsing code will happily keep processing
a combination of short options without checking if those short
options require an argument. This means you can easily end up writing
past the allocated option space.

This fixes an OOB write which can cause heap corruption.

Fixes: CVE-2021-20225

Reported-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2021-03-02 15:54:17 +01:00
arc sgi support 2011-05-13 16:36:05 +02:00
arm * grub-core/kern/arm/cache.S: Don't switch back to ARM mode when 2013-11-16 17:37:06 +01:00
arm64 arm64/setjmp: Add missing move for arg1 == 0 case. 2016-01-07 21:10:05 +01:00
dummy arm-coreboot: Start new port. 2017-05-08 20:53:28 +02:00
efi efi: Fix use-after-free in halt/reboot path 2020-07-29 16:55:48 +02:00
emu Add missing emu/halt.c 2010-08-30 00:54:15 +02:00
gnulib-patches gnulib/regcomp: Fix uninitialized re_token 2021-03-02 15:54:16 +01:00
i386 i386/relocator_common: Drop empty #ifdef 2020-09-11 15:46:36 +02:00
ia64 * grub-core/lib/ia64/longjmp.S: Fix the name of longjmp function. 2013-03-02 15:31:17 +01:00
ieee1275 iee1275/datetime: Fix off-by-1 error. 2016-01-07 15:53:42 +01:00
json json: Remove invalid typedef redefinition 2020-09-11 15:46:55 +02:00
libgcrypt libgcrypt/mpi: Fix possible NULL dereference 2021-03-02 15:54:16 +01:00
libgcrypt_wrap calloc: Make sure we always have an overflow-checking calloc() available 2020-07-29 16:55:47 +02:00
minilzo minilzo: Update to minilzo-2.08 2020-02-11 21:30:30 +01:00
mips relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 2020-07-29 16:55:48 +02:00
posix_wrap calloc: Make sure we always have an overflow-checking calloc() available 2020-07-29 16:55:47 +02:00
powerpc relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 2020-07-29 16:55:48 +02:00
riscv RISC-V: Add setjmp implementation 2019-02-25 11:28:44 +01:00
sparc64 * grub-core/lib/sparc64/setjmp.S: Force spilling of current window. 2013-11-18 10:01:36 +01:00
uboot Rename uboot/datetime to dummy/datetime. 2017-05-08 19:40:14 +02:00
x86_64 relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 2020-07-29 16:55:48 +02:00
xen xen: modify page table construction 2016-10-27 16:22:06 +02:00
xzembed Change fs functions to add fs_ prefix 2019-04-09 10:03:29 +10:00
zstd zstd: Initialize seq_t structure fully 2021-03-02 15:54:16 +01:00
adler32.c * grub-core/lib/adler32.c: Recode due to license unclearness. 2012-04-07 19:58:39 +02:00
arg.c lib/arg: Block repeated short options that require an argument 2021-03-02 15:54:17 +01:00
backtrace.c * grub-core/disk/ahci.c: Add needed explicit cast. 2013-08-21 21:02:14 +02:00
cmdline.c verifiers: Add possibility to verify kernel and modules command lines 2018-11-09 13:25:31 +01:00
cmos_datetime.c CMOS support on sparc. 2011-07-05 20:24:20 +02:00
crc64.c Remove several trivially-unnecessary uses of nested functions. 2012-12-31 17:31:38 +00:00
crc.c Remove several trivially-unnecessary uses of nested functions. 2012-12-31 17:31:38 +00:00
crypto.c core: use GRUB_TERM_ definitions when handling term characters 2017-08-07 19:28:22 +02:00
datetime.c normal: Move common datetime functions out of the normal module 2020-02-18 15:12:06 +01:00
disk.c Rename grub_disk members 2019-03-25 15:14:52 +01:00
division.c core: avoid NULL derefrence in grub_divmod64s 2015-04-06 19:30:51 +03:00
envblk.c envblk: Fix buffer overrun when attempting to shrink a variable value 2020-05-15 15:24:59 +02:00
fake_module.c Add new all_video module. 2012-02-26 18:09:07 +01:00
fdt.c fdt: Move prop_entry_size to fdt.h 2018-06-23 21:40:55 +02:00
getline.c Implement syslinux parser. 2013-12-18 05:28:05 +01:00
hexdump.c automake commit without merge history 2010-05-06 11:34:04 +05:30
legacy_parse.c misc: Make grub_strtol() "end" pointers have safer const qualifiers 2020-02-28 12:41:29 +01:00
LzFind.c * grub-core/lib/LzFind.c (MatchFinder_GetIndexByte): Rename index to 2012-02-10 12:21:28 +01:00
LzmaDec.c * include/grub/lib/LzmaDec.h: Fix to include LzmaTypes.h and 2013-11-10 20:37:01 +01:00
LzmaEnc.c lzma: Fix compilation error under clang 10 2020-10-30 21:53:00 +01:00
pbkdf2.c Remove pragmas related to -Wunreachable-code 2016-01-20 15:56:55 +00:00
priority_queue.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
progress.c Disable progress indicator in grub-shell. 2016-01-05 21:10:10 +01:00
random.c Add RNG module. 2016-02-12 12:39:38 +01:00
reed_solomon.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
relocator.c relocator: Fix grub_relocator_alloc_chunk_align() top memory allocation 2020-07-29 16:55:48 +02:00
setjmp.S RISC-V: Add to build system 2019-02-25 14:02:05 +01:00
syslinux_parse.c syslinux: Fix memory leak while parsing 2021-03-02 15:54:17 +01:00