grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: xen: Fix parsing of XZ kernel.

From: Vladimir 'phcoder' Serbinenko
Subject: Re: xen: Fix parsing of XZ kernel.
Date: Tue, 07 Feb 2017 12:01:16 +0000


On Tue, 7 Feb 2017, 12:57 Andrei Borzenkov <address@hidden> wrote:


Отправлено с iPhone

> 7 февр. 2017 г., в 0:51, Vladimir 'phcoder' Serbinenko <address@hidden> написал(а):
>
> In case of xz, the uncompressed size is appended to xz data which confuses
> our xz decompressor. Trim it.
>
> Daniel, Andrei, Alexander, do you agree that this should go into 2.02?
> ---
>  grub-core/loader/i386/xen_file.c | 30 ++++++++++++++++++++++++------
>  1 file changed, 24 insertions(+), 6 deletions(-)
>
> diff --git a/grub-core/loader/i386/xen_file.c b/grub-core/loader/i386/xen_file.c
> index 37f9ad8..eabaf8f 100644
> --- a/grub-core/loader/i386/xen_file.c
> +++ b/grub-core/loader/i386/xen_file.c
> @@ -26,6 +26,8 @@ grub_xen_file (grub_file_t file)
>    grub_elf_t elf;
>    struct linux_kernel_header lh;
>    grub_file_t off_file;
> +  grub_uint32_t payload_offset, payload_length;
> +  grub_uint8_t magic[6];
>
>    elf = grub_elf_file (file, file->name);
>    if (elf)
> @@ -46,20 +48,36 @@ grub_xen_file (grub_file_t file)
>        return NULL;
>      }
>
> -  if (lh.payload_length < 4)
> +  payload_length = lh.payload_length;
> +  payload_offset = (lh.setup_sects + 1) * 512
> +    + lh.payload_offset;
> +
> +  if (payload_length < sizeof (magic))
>      {
>        grub_error (GRUB_ERR_BAD_OS, "payload too short");
>        return NULL;
>      }
>
>    grub_dprintf ("xen", "found bzimage payload 0x%llx-0x%llx\n",
> -             (unsigned long long) (lh.setup_sects + 1) * 512
> -             + lh.payload_offset,
> +             (unsigned long long) payload_offset,
>               (unsigned long long) lh.payload_length);
>
> -  off_file = grub_file_offset_open (file, (lh.setup_sects + 1) * 512
> -                                 + lh.payload_offset,
> -                                 lh.payload_length);
> +  grub_file_seek (file, payload_offset);
> +
> +  if (grub_file_read (file, &magic, sizeof (magic)) != sizeof (magic))
> +    {
> +      if (!grub_errno)
> +     grub_error (GRUB_ERR_BAD_OS, N_("premature end of file %s"),
> +                 file->name);
> +      goto fail;
> +    }
> +
> +  /* Kernel suffixes xz payload with their uncompressed size.
> +     Trim it.  */
> +  if (grub_memcmp (magic, "\3757zXZ\0", 6) == 0)

s/6/sizeof (magic)/ and magic string should better be defined (do not we use it already somewhere?)
Ok for sizeof. As for define, it is defined in xz_stream.h but including it needs pulling of posix_wrap that I'd rather avoid. I will just have a different define.

ok otherwise

> +    payload_length -= 4;
> +  off_file = grub_file_offset_open (file, payload_offset,
> +                                 payload_length);
>    if (!off_file)
>      goto fail;
>
> --
> 2.9.3
>
> _______________________________________________
> Grub-devel mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/grub-devel

_______________________________________________
Grub-devel mailing list
address@hidden
https://lists.gnu.org/mailman/listinfo/grub-devel
reply via email to
[Prev in Thread] Current Thread [Next in Thread]