[SECURITY PATCH 024/117] gnulib/regcomp: Fix uninitialized token structu
From: Daniel Kiper
Subject: [SECURITY PATCH 024/117] gnulib/regcomp: Fix uninitialized token structure
Date: Tue, 2 Mar 2021 19:00:31 +0100
From: Darren Kenny <darren.kenny@oracle.com>
The code is assuming that the value of br_token.constraint was
initialized to zero when it wasn't.
While some compilers will ensure that, not all do, so it is better to
fix this explicitly than leave it to chance.
Fixes: CID 73749
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
bootstrap.conf | 2 +-
conf/Makefile.extra-dist | 1 +
grub-core/lib/gnulib-patches/fix-uninit-structure.patch | 11 +++++++++++
3 files changed, 13 insertions(+), 1 deletion(-)
create mode 100644 grub-core/lib/gnulib-patches/fix-uninit-structure.patch
diff --git a/bootstrap.conf b/bootstrap.conf
index 4c8c37c16..a7fc34eb3 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -79,7 +79,7 @@ cp -a INSTALL INSTALL.grub
bootstrap_post_import_hook () {
set -e
- for patchname in fix-base64 fix-null-deref fix-unused-value fix-width
no-abort; do
+ for patchname in fix-base64 fix-null-deref fix-uninit-structure
fix-unused-value fix-width no-abort; do
patch -d grub-core/lib/gnulib -p2 \
< "grub-core/lib/gnulib-patches/$patchname.patch"
done
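Review bot: The `for patchname in ...` list is a single line that has to be rewritten in full for every new gnulib patch, which makes each addition harder to review and more likely to conflict when several fixes are in flight. Suggest putting one patch name per line with backslash continuations, so that adding `fix-uninit-structure` becomes a one-line addition. The `set -e` above the loop is worth keeping as it is, since it makes bootstrap stop if the new patch no longer applies to the imported gnulib.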
diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist
index 0d3b74e8e..d83cde427 100644
--- a/conf/Makefile.extra-dist
+++ b/conf/Makefile.extra-dist
@@ -30,6 +30,7 @@ EXTRA_DIST += grub-core/genemuinitheader.sh
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-base64.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-deref.patch
+EXTRA_DIST += grub-core/lib/gnulib-patches/fix-uninit-structure.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-unused-value.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/fix-width.patch
EXTRA_DIST += grub-core/lib/gnulib-patches/no-abort.patch
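Review bot: The new `EXTRA_DIST` entry repeats the patch name already added to the loop in bootstrap.conf, and the two lists are kept in step only by hand. The entry is correctly placed in alphabetical order between `fix-null-deref.patch` and `fix-unused-value.patch`; a short comment above this group pointing at `bootstrap_post_import_hook` would help the next person remember to update both files.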
diff --git a/grub-core/lib/gnulib-patches/fix-uninit-structure.patch
b/grub-core/lib/gnulib-patches/fix-uninit-structure.patch
new file mode 100644
index 000000000..7b4d9f67a
--- /dev/null
+++ b/grub-core/lib/gnulib-patches/fix-uninit-structure.patch
@@ -0,0 +1,11 @@
+--- a/lib/regcomp.c 2020-10-22 13:49:06.770168928 +0000
++++ b/lib/regcomp.c 2020-10-22 13:50:37.026528298 +0000
+@@ -3662,7 +3662,7 @@
+ Idx alloc = 0;
+ #endif /* not RE_ENABLE_I18N */
+ reg_errcode_t ret;
+- re_token_t br_token;
++ re_token_t br_token = {0};
+ bin_tree_t *tree;
+
+ sbcset = (re_bitset_ptr_t) calloc (sizeof (bitset_t), 1);
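Review bot: The embedded patch starts straight at the `--- a/lib/regcomp.c` header with no description, so nothing in fix-uninit-structure.patch records why the change is needed or whether it has been sent to gnulib. Suggest adding a few header lines above the `---` line with the rationale from the commit message (`br_token.constraint` read without being set, CID 73749) and the upstream status, so the local patch can be dropped once gnulib carries the fix. The change itself, `re_token_t br_token = {0};`, zero-initializes every member of the structure rather than only `constraint`, which also covers any other field read before assignment. The hunk offset 3662 is tied to the gnulib snapshot in use, so a gnulib bump will need this patch rechecked.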
--
2.11.0