[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v0] Fix double-free introduced by commit 33d02a42d64cf06cada1c389
|
From: |
Jon McCune |
|
Subject: |
[PATCH v0] Fix double-free introduced by commit 33d02a42d64cf06cada1c389e5abba4b9d196cc5 |
|
Date: |
Fri, 13 Dec 2013 11:00:26 -0800 |
To reproduce the problem, make sure you have a GPG public key available, build
and install GRUB:
grub-install --debug --debug-image="all" --pubkey=/boot/pubkey.gpg
--modules="serial terminfo gzio search search_label search_fs_uuid
search_fs_file linux vbe video_fb video mmap relocator verify gcry_rsa gcry_dsa
gcry_sha256 hashsum gcry_sha1 mpi echo loadenv boottime" /dev/sda
Sign all the files in /boot/grub/* and reboot.
I tested in a QEMU VM using an i386 target. I was *not* able to successfully
test the changes to the compression routines with 'make check'. If somebody
else could do that, it would be much appreciated.
Signed-off-by: Jon McCune <address@hidden>
---
grub-core/commands/verify.c | 1 +
grub-core/io/gzio.c | 1 +
grub-core/io/lzopio.c | 1 +
grub-core/io/xzio.c | 1 +
grub-core/kern/file.c | 1 +
5 files changed, 5 insertions(+)
diff --git a/grub-core/commands/verify.c b/grub-core/commands/verify.c
index dbe7e83..e14e07c 100644
--- a/grub-core/commands/verify.c
+++ b/grub-core/commands/verify.c
@@ -885,6 +885,7 @@ grub_pubkey_open (grub_file_t io, const char *filename)
if (err)
return NULL;
io->device = 0;
+ io->name = 0;
grub_file_close (io);
return ret;
}
diff --git a/grub-core/io/gzio.c b/grub-core/io/gzio.c
index 59ad6da..af222a8 100644
--- a/grub-core/io/gzio.c
+++ b/grub-core/io/gzio.c
@@ -1259,6 +1259,7 @@ grub_gzio_close (grub_file_t file)
/* No need to close the same device twice. */
file->device = 0;
+ file->name = 0;
return grub_errno;
}
diff --git a/grub-core/io/lzopio.c b/grub-core/io/lzopio.c
index 2895e21..0606d41 100644
--- a/grub-core/io/lzopio.c
+++ b/grub-core/io/lzopio.c
@@ -525,6 +525,7 @@ grub_lzopio_close (grub_file_t file)
/* Device must not be closed twice. */
file->device = 0;
+ file->name = 0;
return grub_errno;
}
diff --git a/grub-core/io/xzio.c b/grub-core/io/xzio.c
index bcce242..10eb595 100644
--- a/grub-core/io/xzio.c
+++ b/grub-core/io/xzio.c
@@ -319,6 +319,7 @@ grub_xzio_close (grub_file_t file)
/* Device must not be closed twice. */
file->device = 0;
+ file->name = 0;
return grub_errno;
}
diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c
index 24da12b..9083e4f 100644
--- a/grub-core/kern/file.c
+++ b/grub-core/kern/file.c
@@ -188,6 +188,7 @@ grub_file_close (grub_file_t file)
if (file->device)
grub_device_close (file->device);
grub_free (file->name);
+ file->name = 0;
grub_free (file);
return grub_errno;
}
--
1.8.5.1
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [PATCH v0] Fix double-free introduced by commit 33d02a42d64cf06cada1c389e5abba4b9d196cc5,
Jon McCune <=