[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v3 0/5] Fix coverity bugs and add checks for elf values in grub-c

From: Alec Brown
Subject: [PATCH v3 0/5] Fix coverity bugs and add checks for elf values in grub-core
Date: Wed, 20 Apr 2022 22:23:12 -0400

v3: Added check for e_shoff, made starting words lowercase in error messages,
and added comment to why return pointers are set to 0.

Coverity identified several untrusted loop bounds and untrusted allocation size
bugs in grub-core/loader/i386/bsdXX.c and grub-core/loader/multiboot_elfXX.c.
Upon review of these bugs, I found that specific checks weren't being made to
various elf header values based on the elf manual page. This patch series
addresses the coverity bugs, as well as adds functions to check for the correct
elf header values.

The Coverity bugs being addressed are:
CID 314018
CID 314030
CID 314031
CID 314039

Alec Brown (5):
      grub-core/loader/i386/bsdXX.c: Avoid downcasting (char *) to (Elf_Shdr *)
      elf: Validate number of elf section header table entries
      elf: Validate elf section header table index for section name string table
      elf: Validate number of elf program header table entries
      util/grub-module-verifierXX.c: Add e_shoff check in get_shdr()

 grub-core/kern/elf.c               |  15 +++++++++++++++
 grub-core/kern/elfXX.c             | 101 
 grub-core/loader/i386/bsdXX.c      | 137 
 grub-core/loader/multiboot_elfxx.c |  76 
 include/grub/elf.h                 |  18 ++++++++++++++++++
 util/grub-module-verifierXX.c      |   3 +++
 6 files changed, 273 insertions(+), 77 deletions(-)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]