packages/grub2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
grub2/backport-util-grub-mount-Check-file-path-sanity.patch
Qiumiao Zhang 90f546b2c1 fix CVE-2024-1048 and backport some patches from upstream 
Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
(cherry picked from commit e62f9657ab28a168cd5badeccf75370414ad34f5)
2024-03-04 21:27:17 +08:00

35 lines
1.2 KiB
Diff
Raw Blame History

From 3f79e3b158bc4aeef94220db676071cfe69e8a5f Mon Sep 17 00:00:00 2001
From: Qiumiao Zhang <zhangqiumiao1@huawei.com>
Date: Wed, 25 Oct 2023 11:54:57 +0800
Subject: util/grub-mount: Check file path sanity
The function argp_parser() in util/grub-mount.c lacks a check on the
sanity of the file path when parsing parameters. This results in
a segmentation fault if a partition is mounted to a non-existent path.
Reference:https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3f79e3b158bc4aeef94220db676071cfe69e8a5f
Conflict:NA
Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
util/grub-mount.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/util/grub-mount.c b/util/grub-mount.c
index c69889d..bf4c8b8 100644
--- a/util/grub-mount.c
+++ b/util/grub-mount.c
@@ -563,6 +563,8 @@ argp_parser (int key, char *arg, struct argp_state *state)
images = xrealloc (images, (num_disks + 1) * sizeof (images[0]));
images[num_disks] = grub_canonicalize_file_name (arg);
+ if (images[num_disks] == NULL)
+ grub_util_error (_("cannot find `%s': %s"), arg, strerror (errno));
num_disks++;
return 0;
--
cgit v1.1
Reference in New Issue View Git Blame Copy Permalink