[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 0/6] Fix coverity bugs and add checks for elf values in grub-core

From: Alec Brown
Subject: [PATCH 0/6] Fix coverity bugs and add checks for elf values in grub-core
Date: Thu, 26 May 2022 15:29:46 -0400

Coverity identified several untrusted loop bounds and untrusted allocation size
bugs in grub-core/loader/i386/bsdXX.c and grub-core/loader/multiboot_elfXX.c.
Upon review of these bugs, I found that specific checks weren't being made to
various elf header values based on the elf manual page. The first four patches
in this patch series address the coverity bugs, as well as adds functions to
check for the correct elf header values. The last two patches adds fixes to 
previous work done in util/grub-module-verifierXX.c that also relates to making
checks of elf header values. 

The Coverity bugs being addressed are:
CID 314018
CID 314030
CID 314031
CID 314039

Alec Brown (6):
      grub-core/loader/i386/bsdXX.c: Avoid downcasting (char *) to (Elf_Shdr *)
      elf: Validate number of elf section header table entries
      elf: Validate elf section header table index for section name string table
      elf: Validate number of elf program header table entries
      util/grub-module-verifierXX.c: Add e_shoff check in get_shdr()
      util/grub-module-verifierXX.c: Changed get_shnum() return type

 grub-core/kern/elf.c               |  18 ++++++++++++++++++
 grub-core/kern/elfXX.c             | 101 
 grub-core/loader/i386/bsdXX.c      | 142 
 grub-core/loader/multiboot_elfxx.c |  79 
 include/grub/elf.h                 |  23 +++++++++++++++++++++++
 util/grub-module-verifierXX.c      |  13 +++++++++----
 6 files changed, 290 insertions(+), 86 deletions(-)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]