From 0a3394ca4b9865770a05f13762e0a8b3041c2bba Mon Sep 17 00:00:00 2001 From: Nicolas Frayer Date: Wed, 23 Oct 2024 12:15:08 +0200 Subject: [PATCH] cmd/search: Fix a possible NULL ptr dereference Signed-off-by: Nicolas Frayer --- ...-Fix-a-possible-NULL-ptr-dereference.patch | 59 +++++++++++++++++++ grub.patches | 1 + grub2.spec | 5 +- 3 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 0279-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch diff --git a/0279-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch b/0279-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch new file mode 100644 index 0000000..7da6e10 --- /dev/null +++ b/0279-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch @@ -0,0 +1,59 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Nicolas Frayer +Date: Wed, 16 Oct 2024 15:50:32 +0200 +Subject: [PATCH] cmd/search: Fix a possible NULL ptr dereference + +When querying about a partition UUID, we're not checking +for get_device_uuid() return value, which can possibly +result in dereferencing a NULL pointer. + +Signed-off-by: Nicolas Frayer +Co-authored-by: Chuong Tran +--- + grub-core/commands/search.c | 28 +++++++++++++++------------- + 1 file changed, 15 insertions(+), 13 deletions(-) + +diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c +index 9dd937e6df4e..d538b36219fb 100644 +--- a/grub-core/commands/search.c ++++ b/grub-core/commands/search.c +@@ -212,24 +212,26 @@ iterate_device (const char *name, void *data) + struct uuid_context uuid_ctx; + int ret = 0; + +- get_device_uuid(name, &quid_name); +- if (!grub_strcmp(quid_name, ctx->key)) ++ if (get_device_uuid(name, &quid_name)) + { +- uuid_ctx.name = name; +- uuid_ctx.uuid = quid_name; ++ if (!grub_strcmp(quid_name, ctx->key)) ++ { ++ uuid_ctx.name = name; ++ uuid_ctx.uuid = quid_name; + +- ret = grub_device_iterate (check_for_duplicate, &uuid_ctx); ++ ret = grub_device_iterate (check_for_duplicate, &uuid_ctx); + +- if (ret) +- { +- grub_printf("Duplicated media UUID found, rebooting ...\n"); +- grub_sleep(10); +- grub_reboot(); +- } +- } ++ if (ret) ++ { ++ grub_printf("Duplicated media UUID found, rebooting ...\n"); ++ grub_sleep(10); ++ grub_reboot(); ++ } ++ } + +- if (quid_name) grub_free (quid_name); ++ if (quid_name) grub_free (quid_name); + ++ } + } + } + } diff --git a/grub.patches b/grub.patches index ff170a1..23f1ac1 100644 --- a/grub.patches +++ b/grub.patches @@ -276,3 +276,4 @@ Patch0275: 0275-load-EFI-commands-inside-test-expressions.patch Patch0276: 0276-efi-loader-Check-if-NX-is-required-in-grub_efi_linux.patch Patch0277: 0277-Stop-grub.efi-from-always-printing-dynamic_load_symb.patch Patch0278: 0278-acpi-Fix-out-of-bounds-access-in-grub_acpi_xsdt_find.patch +Patch0279: 0279-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch diff --git a/grub2.spec b/grub2.spec index a320533..fdfe73b 100644 --- a/grub2.spec +++ b/grub2.spec @@ -17,7 +17,7 @@ Name: grub2 Epoch: 1 Version: 2.12 -Release: 10%{?dist} +Release: 11%{?dist} Summary: Bootloader with support for Linux, Multiboot and more License: GPL-3.0-or-later URL: http://www.gnu.org/software/grub/ @@ -560,6 +560,9 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %endif %changelog +* Wed Oct 23 2024 Nicolas Frayer 2.12-11 +- cmd/search: Fix a possible NULL ptr dereference + * Thu Oct 17 2024 Nicolas Frayer 2.12-10 - acpi: Fix out of bounds access in grub_acpi_xsdt_find_table() - Resolves: #2317048