[PATCH 0/6] Fix coverity bugs and add checks for elf values in grub-core

[Alec Brown]

Coverity identified several untrusted loop bounds and untrusted allocation size
bugs in grub-core/loader/i386/bsdXX.c and grub-core/loader/multiboot_elfXX.c.
Upon review of these bugs, I found that specific checks weren't being made to
various elf header values based on the elf manual page. The first four patches
in this patch series address the coverity bugs, as well as adds functions to
check for the correct elf header values. The last two patches adds fixes to 
previous work done in util/grub-module-verifierXX.c that also relates to making
checks of elf header values. 

The Coverity bugs being addressed are:
CID 314018
CID 314030
CID 314031
CID 314039

Alec Brown (6):
      grub-core/loader/i386/bsdXX.c: Avoid downcasting (char *) to (Elf_Shdr *)
      elf: Validate number of elf section header table entries
      elf: Validate elf section header table index for section name string table
      elf: Validate number of elf program header table entries
      util/grub-module-verifierXX.c: Add e_shoff check in get_shdr()
      util/grub-module-verifierXX.c: Changed get_shnum() return type

 grub-core/kern/elf.c               |  18 ++++++++++++++++++
 grub-core/kern/elfXX.c             | 101 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 grub-core/loader/i386/bsdXX.c      | 142 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------------------------------------------------------
 grub-core/loader/multiboot_elfxx.c |  79 
++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------
 include/grub/elf.h                 |  23 +++++++++++++++++++++++
 util/grub-module-verifierXX.c      |  13 +++++++++----
 6 files changed, 290 insertions(+), 86 deletions(-)