[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] util/grub-module-verifierXX.c: Add module_size parameter to
From: |
Daniel Kiper |
Subject: |
Re: [PATCH] util/grub-module-verifierXX.c: Add module_size parameter to functions for sanity checking |
Date: |
Mon, 13 Mar 2023 14:36:27 +0100 |
On Thu, Mar 09, 2023 at 02:43:59PM -0500, Alec Brown wrote:
> In grub-module-verifierXX.c, the function grub_module_verifyXX() performs an
> initial check that the ELF section headers are within the module's size, but
> doesn't check if the sections being accessed have contents that are within the
> module's size. In particular, we need to check that sh_offset and sh_size are
> less than the module's size. However, for some section header types we don't
> need to make these checks. For the type SHT_NULL, the section header is marked
> as inactive and the rest of the members within the section header have
> undefined
> values, so we don't need to check for sh_offset or sh_size. In the case of the
> type SHT_NOBITS, sh_offset has a conceptual offset which may be beyond the
> module size. Also, this type's sh_size may have a non-zero size, but a section
> of this type will take up no space in the module. This can all be checked in
> the
> function get_shdr(), but in order to do so, the parameter module_size must be
> added to functions so that the value of the module size can be used in
> get_shdr() from grub_module_verifyXX().
>
> Also, had to rework some for loops to ensure the index passed to get_shdr() is
> within bounds.
>
> Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Daniel