74f9c62794
Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com> (cherry picked from commit c141a13130da5dca205b607533751a6ba6c9581e)
45 lines
1.5 KiB
Diff
45 lines
1.5 KiB
Diff
From 6feae07f953bee6ce82efda19a695d187a32f987 Mon Sep 17 00:00:00 2001
|
|
From: Alec Brown <alec.r.brown@oracle.com>
|
|
Date: Tue, 4 Feb 2025 15:11:11 +0000
|
|
Subject: [PATCH 69/73] normal/menu: Use safe math to avoid an integer overflow
|
|
|
|
The Coverity indicates that the variable current_entry might overflow.
|
|
To prevent this use safe math when adding GRUB_MENU_PAGE_SIZE to current_entry.
|
|
|
|
On the occasion fix limiting condition which was broken.
|
|
|
|
Fixes: CID 473853
|
|
|
|
Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
|
|
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
|
---
|
|
grub-core/normal/menu.c | 5 ++---
|
|
1 file changed, 2 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/grub-core/normal/menu.c b/grub-core/normal/menu.c
|
|
index 47cfd93..c2d7bb5 100644
|
|
--- a/grub-core/normal/menu.c
|
|
+++ b/grub-core/normal/menu.c
|
|
@@ -33,6 +33,7 @@
|
|
#include <grub/gfxterm.h>
|
|
#include <grub/dl.h>
|
|
#include <grub/crypttab.h>
|
|
+#include <grub/safemath.h>
|
|
|
|
/* Time to delay after displaying an error message about a default/fallback
|
|
entry failing to boot. */
|
|
@@ -836,9 +837,7 @@ run_menu (grub_menu_t menu, int nested, int *auto_boot, int *notify_boot)
|
|
|
|
case GRUB_TERM_CTRL | 'c':
|
|
case GRUB_TERM_KEY_NPAGE:
|
|
- if (current_entry + GRUB_MENU_PAGE_SIZE < menu->size)
|
|
- current_entry += GRUB_MENU_PAGE_SIZE;
|
|
- else
|
|
+ if (grub_add (current_entry, GRUB_MENU_PAGE_SIZE, ¤t_entry) || current_entry >= menu->size)
|
|
current_entry = menu->size - 1;
|
|
menu_set_chosen_entry (current_entry);
|
|
break;
|
|
--
|
|
2.33.0
|
|
|