grub2/0281-verifiers-Fix-calling-uninitialized-function-pointer.patch
Javier Martinez Canillas b141171629
Appended signatures support, unify GRUB config location and some fixes
- Remove -fcf-protection compiler flag to allow i386 builds (law)
  Related: rhbz#1915452
- Unify GRUB configuration file location across all platforms
  Related: rhbz#1918817
- Add 'at_keyboard_fallback_set' var to force the set manually (rmetrich)
- Add appended signatures support for ppc64le LPAR Secure Boot (daxtens)

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2021-02-09 01:04:42 +01:00

41 lines
1.4 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Tue, 18 Feb 2020 18:08:18 +0800
Subject: [PATCH] verifiers: Fix calling uninitialized function pointer
The necessary check for NULL before use of function ver->close is not
taking place in the failure path. This patch simply adds the missing
check and fixes the problem that GRUB hangs indefinitely after booting
rogue image without valid signature if secure boot is turned on.
Now it displays like this for booting rogue UEFI image:
error: bad shim signature
error: you need to load the kernel first
Press any key to continue...
and then you can go back to boot menu by pressing any key or after a few
seconds expired.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/commands/verifiers.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/grub-core/commands/verifiers.c b/grub-core/commands/verifiers.c
index 0dde4818267..7b9297cd345 100644
--- a/grub-core/commands/verifiers.c
+++ b/grub-core/commands/verifiers.c
@@ -196,7 +196,8 @@ grub_verifiers_open (grub_file_t io, enum grub_file_type type)
return ret;
fail:
- ver->close (context);
+ if (ver->close)
+ ver->close (context);
fail_noclose:
verified_free (verified);
grub_free (ret);