packages/grub2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

commands/legacycfg: Avoid closing file twice

Browse Source 
Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
(cherry picked from commit fdf98a7720a5e222898b091465b808284ae94d21)
This commit is contained in:
Qiumiao Zhang 2024-12-21 06:40:23 +00:00 committed by openeuler-sync-bot
parent 7366940d8e
commit 4af2214537
3 changed files with 48 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
backport-commands-legacycfg-Avoid-closing-file-twice.patch Normal file
View File

@ -0,0 +1,40 @@
From f26b39860d32e2b9edb30370349e40b1ac7055c8 Mon Sep 17 00:00:00 2001
From: Leo Sandoval <lsandova@redhat.com>
Date: Wed, 16 Oct 2024 11:54:38 -0600
Subject: [PATCH] commands/legacycfg: Avoid closing file twice
An internal (at Red Hat) static soure code scan detected an
use-after-free scenario:
Error: USE_AFTER_FREE (CWE-416):
grub-2.06/grub-core/commands/legacycfg.c:194: freed_arg: "grub_file_close" frees "file".
grub-2.06/grub-core/commands/legacycfg.c:201: deref_arg: Calling "grub_file_close" dereferences freed pointer "file".
# 199| if (!args)
# 200| {
# 201|-> grub_file_close (file);
# 202| grub_free (suffix);
# 203| grub_free (entrysrc);
So, remove the extra file close call.
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/commands/legacycfg.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/grub-core/commands/legacycfg.c b/grub-core/commands/legacycfg.c
index e9e9d94ef..3bf9fe2e4 100644
--- a/grub-core/commands/legacycfg.c
+++ b/grub-core/commands/legacycfg.c
@@ -198,7 +198,6 @@ legacy_file (const char *filename)
const char **args = grub_malloc (sizeof (args[0]));
if (!args)
{
- grub_file_close (file);
grub_free (suffix);
grub_free (entrysrc);
return grub_errno;
--
2.33.0

1
grub.patches
View File

@ -244,3 +244,4 @@ Patch244: 0001-cryptodisk-add-OS-provided-secret-support.patch
Patch245: 0002-efi-Add-API-for-retrieving-the-EFI-secret-for-crypto.patch Patch245: 0002-efi-Add-API-for-retrieving-the-EFI-secret-for-crypto.patch
Patch246: backport-acpi-Fix-out-of-bounds-access-in-grub_acpi_xsdt_find.patch Patch246: backport-acpi-Fix-out-of-bounds-access-in-grub_acpi_xsdt_find.patch
Patch247: backport-commands-efi-tpm-Re-enable-measurements-on-confident.patch Patch247: backport-commands-efi-tpm-Re-enable-measurements-on-confident.patch
Patch248: backport-commands-legacycfg-Avoid-closing-file-twice.patch

8
grub2.spec
View File

@ -19,7 +19,7 @@
Name: grub2 Name: grub2
Epoch: 1 Epoch: 1
Version: 2.12 Version: 2.12
Release: 29 Release: 30
Summary: Bootloader with support for Linux, Multiboot and more Summary: Bootloader with support for Linux, Multiboot and more
License: GPLv3+ License: GPLv3+
URL: http://www.gnu.org/software/grub/ URL: http://www.gnu.org/software/grub/
@ -461,6 +461,12 @@ fi
%{_datadir}/man/man* %{_datadir}/man/man*
%changelog %changelog
* Sat Dec 21 2024 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.12-30
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:commands/legacycfg: Avoid closing file twice
* Fri Dec 13 2024 Ouuleilei <wangliu@iscas.ac.cn> - 1:2.12-29 * Fri Dec 13 2024 Ouuleilei <wangliu@iscas.ac.cn> - 1:2.12-29
- revert sohpgo's modify-efi_max_usable-addr.patch - revert sohpgo's modify-efi_max_usable-addr.patch