1. 21 Jan, 2015 13 commits
  2. 19 Jan, 2015 1 commit
  3. 09 Dec, 2014 1 commit
  4. 07 Dec, 2014 3 commits
  5. 05 Dec, 2014 1 commit
    • Andrei Borzenkov's avatar
      fix memory corruption in pubkey filter over network · ebb3d958
      Andrei Borzenkov authored
      grub_pubkey_open closed original file after it was read; it set
      io->device to NULL to prevent grub_file_close from trying to close device.
      But network device itself is stacked (net -> bufio); and bufio preserved
      original netfs file which hold reference to device. grub_file_close(io)
      called grub_bufio_close which called grub_file_close for original file.
      grub_file_close(netfs-file) now also called grub_device_close which
      freed file->device->net. So file structure returned by grub_pubkey_open
      now had device->net pointed to freed memory. When later file was closed,
      it was attempted to be freed again.
      Change grub_pubkey_open to behave like other filters - preserve original
      parent file and pass grub_file_close down to parent. In this way only the
      original file will close device. We really need to move this logic into
      core instead.
      Also plug memory leaks in error paths on the way.
      Reported-By: default avatarRobert Kliewer <robert.kliewer@gmail.com>
      Closes: bug #43601
  6. 01 Dec, 2014 2 commits
  7. 30 Nov, 2014 1 commit
  8. 28 Nov, 2014 4 commits
  9. 17 Nov, 2014 1 commit
    • Leif Lindholm's avatar
      efi: check *path non-null before grub_strrchr · 004a2b1e
      Leif Lindholm authored
      The EFI version of grub_machine_get_bootlocation crops the boot image
      name back to the last / in order to get a directory path. However, it
      does not check that *name is actually set before calling grub_strrchr
      to do this, and neither does grub_strrchr before dereferencing a NULL
      Parent function, grub_set_prefix_and_root, does check the pointer
      before using.
  10. 03 Nov, 2014 1 commit
    • Michael Chang's avatar
      icmp6 fix no respond to neighbor solicit message · 72ec399a
      Michael Chang authored
      The structure size used in grub_netbuff_pull to get the pointer to
      option header is apparently wrong, which leads to subsequent range check
      failed and therefore not responding to any neighbor solicit message in my
  11. 14 Oct, 2014 1 commit
  12. 22 Sep, 2014 1 commit
  13. 21 Sep, 2014 7 commits
  14. 15 Sep, 2014 1 commit
  15. 08 Sep, 2014 1 commit
    • Michael Chang's avatar
      Fix incorrect address reference in btrfs · 54bd9a06
      Michael Chang authored
      We encountered a weird random kernel initrd unpacking error on btrfs
      and finally found it was caused by incorrect address reference in range
      check for type GRUB_BTRFS_EXTENT_REGULAR and the entire result is
      This is a quick fix to make the address reference to the
      grub_btrfs_extent_data structure correctly, not the pointer variable
      to it.
      Any suggestions to this patch is welcome.
  16. 07 Sep, 2014 1 commit
    • Colin Watson's avatar
      Support grub-emu on x32 (ILP32 but with x86-64 instruction set) · 2a5a532c
      Colin Watson authored
      * configure.ac: Remove -m64 from checks for -mcmodel=large and
      -mno-red-zone.  These are always either unnecessary (x86_64-emu) or
      already in TARGET_CFLAGS at this point, and they produce incorrect
      results when building for x32.
      * grub-core/kern/x86_64/dl.c (grub_arch_dl_relocate_symbols): Cast
      pointers to Elf64_Xword via grub_addr_t, in order to work on x32.
      * include/grub/x86_64/types.h (GRUB_TARGET_SIZEOF_VOID_P,
      GRUB_TARGET_SIZEOF_LONG): Define to 4 on x32.