[SECURITY PATCH 027/117] gnulib/regcomp: Fix uninitialized re

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SECURITY PATCH 027/117] gnulib/regcomp: Fix uninitialized re_token

From:	Daniel Kiper
Subject:	[SECURITY PATCH 027/117] gnulib/regcomp: Fix uninitialized re_token
Date:	Tue, 2 Mar 2021 19:00:34 +0100

From: Darren Kenny <darren.kenny@oracle.com>

This issue has been fixed in the latest version of gnulib, so to
maintain consistency, I've backported that change rather than doing
something different.

Fixes: CID 73828

Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
 bootstrap.conf                                            |  4 ++--
 conf/Makefile.extra-dist                                  |  1 +
 .../lib/gnulib-patches/fix-regcomp-uninit-token.patch     | 15 +++++++++++++++
 3 files changed, 18 insertions(+), 2 deletions(-)
 create mode 100644 grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch

diff --git a/bootstrap.conf b/bootstrap.conf
index 22feff5c0..6b043fc35 100644
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -79,8 +79,8 @@ cp -a INSTALL INSTALL.grub
 
 bootstrap_post_import_hook () {
   set -e
-  for patchname in fix-base64 fix-null-deref fix-null-state-deref 
fix-regexec-null-deref \
-      fix-uninit-structure fix-unused-value fix-width no-abort; do
+  for patchname in fix-base64 fix-null-deref fix-null-state-deref 
fix-regcomp-uninit-token \
+      fix-regexec-null-deref fix-uninit-structure fix-unused-value fix-width 
no-abort; do
     patch -d grub-core/lib/gnulib -p2 \
       < "grub-core/lib/gnulib-patches/$patchname.patch"
   done
diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist
index c0ac65ec3..8f1485d52 100644
--- a/conf/Makefile.extra-dist
+++ b/conf/Makefile.extra-dist
@@ -31,6 +31,7 @@ EXTRA_DIST += grub-core/genemuinitheader.sh
 EXTRA_DIST += grub-core/lib/gnulib-patches/fix-base64.patch
 EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-deref.patch
 EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-state-deref.patch
+EXTRA_DIST += grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch
 EXTRA_DIST += grub-core/lib/gnulib-patches/fix-regexec-null-deref.patch
 EXTRA_DIST += grub-core/lib/gnulib-patches/fix-uninit-structure.patch
 EXTRA_DIST += grub-core/lib/gnulib-patches/fix-unused-value.patch
diff --git a/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch 
b/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch
new file mode 100644
index 000000000..02e06315d
--- /dev/null
+++ b/grub-core/lib/gnulib-patches/fix-regcomp-uninit-token.patch
@@ -0,0 +1,15 @@
+--- a/lib/regcomp.c    2020-11-24 17:06:08.159223858 +0000
++++ b/lib/regcomp.c    2020-11-24 17:06:15.630253923 +0000
+@@ -3808,11 +3808,7 @@
+ create_tree (re_dfa_t *dfa, bin_tree_t *left, bin_tree_t *right,
+            re_token_type_t type)
+ {
+-  re_token_t t;
+-#if defined GCC_LINT || defined lint
+-  memset (&t, 0, sizeof t);
+-#endif
+-  t.type = type;
++  re_token_t t = { .type = type };
+   return create_token_tree (dfa, left, right, &t);
+ }
+ 
-- 
2.11.0

[Prev in Thread]

Current Thread

[Next in Thread]

[SECURITY PATCH 025/117] gnulib/argp-help: Fix dereference of a possibly NULL state, (continued)
- [SECURITY PATCH 025/117] gnulib/argp-help: Fix dereference of a possibly NULL state, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 016/117] usb: Avoid possible out-of-bound accesses caused by malicious devices, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 017/117] mmap: Fix memory leak when iterating over mapped memory, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 023/117] gnulib/regexec: Resolve unused variable, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 026/117] gnulib/regexec: Fix possible null-dereference, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 030/117] kern/partition: Check for NULL before dereferencing input string, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 029/117] zstd: Initialize seq_t structure fully, Daniel Kiper, 2021/03/02
  - Re: [SECURITY PATCH 029/117] zstd: Initialize seq_t structure fully, Paul Menzel, 2021/03/18
    - Re: [SECURITY PATCH 029/117] zstd: Initialize seq_t structure fully, Darren Kenny, 2021/03/18
- [SECURITY PATCH 033/117] disk/ldm: Fix memory leak on uninserted lv references, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 027/117] gnulib/regcomp: Fix uninitialized re_token, Daniel Kiper <=
- [SECURITY PATCH 031/117] disk/ldm: Make sure comp data is freed before exiting from make_vg(), Daniel Kiper, 2021/03/02
- [SECURITY PATCH 034/117] disk/cryptodisk: Fix potential integer overflow, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 035/117] hfsplus: Check that the volume name length is valid, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 036/117] zfs: Fix possible negative shift operation, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 028/117] io/lzopio: Resolve unnecessary self-assignment errors, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 039/117] zfsinfo: Correct a check for error allocating memory, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 032/117] disk/ldm: If failed then free vg variable too, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 040/117] affs: Fix memory leaks, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 038/117] zfs: Fix possible integer overflows, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 037/117] zfs: Fix resource leaks while constructing path, Daniel Kiper, 2021/03/02

Prev by Date: [SECURITY PATCH 033/117] disk/ldm: Fix memory leak on uninserted lv references
Next by Date: [SECURITY PATCH 031/117] disk/ldm: Make sure comp data is freed before exiting from make_vg()
Previous by thread: [SECURITY PATCH 033/117] disk/ldm: Fix memory leak on uninserted lv references
Next by thread: [SECURITY PATCH 031/117] disk/ldm: Make sure comp data is freed before exiting from make_vg()
Index(es):
- Date
- Thread