From 9961e63642244617b697d93bbc49379e23b6839d Mon Sep 17 00:00:00 2001 From: Hector Marco-Gisbert Date: Fri, 13 Nov 2015 16:21:09 +0100 Subject: [PATCH 136/251] Fix security issue when reading username and password This patch fixes two integer underflows at: * grub-core/lib/crypto.c * grub-core/normal/auth.c Resolves: CVE-2015-8370 Signed-off-by: Hector Marco-Gisbert Signed-off-by: Ismael Ripoll-Ripoll --- grub-core/lib/crypto.c | 2 +- grub-core/normal/auth.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c index ca334d5a40e..e6c78d16d39 100644 --- a/grub-core/lib/crypto.c +++ b/grub-core/lib/crypto.c @@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned buf_size) break; } - if (key == '\b') + if (key == '\b' && cur_len) { if (cur_len) cur_len--; diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c index 6be678c0de1..c35ce972473 100644 --- a/grub-core/normal/auth.c +++ b/grub-core/normal/auth.c @@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size) break; } - if (key == GRUB_TERM_BACKSPACE) + if (key == GRUB_TERM_BACKSPACE && cur_len) { if (cur_len) { -- 2.17.1