grub-devel

Re: [PATCH v3 0/5] Fix coverity bugs and add checks for elf values in gr


From: Darren Kenny
Subject: Re: [PATCH v3 0/5] Fix coverity bugs and add checks for elf values in grub-core
Date: Wed, 27 Apr 2022 09:56:12 +0100

Hi Alec,

This all looks good to me, so for the series:

Reviewed-by: Darren Kenny <darren.kenny@oracle.com>

Thanks,

Darren.

On Wednesday, 2022-04-20 at 22:23:12 -04, Alec Brown wrote:
> v3: Added check for e_shoff, made starting words lowercase in error messages,
> and added comment to why return pointers are set to 0.
>
> Coverity identified several untrusted loop bounds and untrusted allocation size
> bugs in grub-core/loader/i386/bsdXX.c and grub-core/loader/multiboot_elfXX.c.
> Upon review of these bugs, I found that specific checks weren't being made to
> various elf header values based on the elf manual page. This patch series
> addresses the coverity bugs, as well as adds functions to check for the correct
> elf header values.
>
> The Coverity bugs being addressed are:
> CID 314018
> CID 314030
> CID 314031
> CID 314039
>
> Alec Brown (5):
>       grub-core/loader/i386/bsdXX.c: Avoid downcasting (char *) to (Elf_Shdr *)
>       elf: Validate number of elf section header table entries
>       elf: Validate elf section header table index for section name string table
>       elf: Validate number of elf program header table entries
>       util/grub-module-verifierXX.c: Add e_shoff check in get_shdr()
>
>  grub-core/kern/elf.c               |  15 +++++++++++++++
>  grub-core/kern/elfXX.c             | 101 
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  grub-core/loader/i386/bsdXX.c      | 137 
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------
>  grub-core/loader/multiboot_elfxx.c |  76 
> +++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------
>  include/grub/elf.h                 |  18 ++++++++++++++++++
>  util/grub-module-verifierXX.c      |   3 +++
>  6 files changed, 273 insertions(+), 77 deletions(-)
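
Added example, not part of this thread or of the GRUB patches: a C function that applies the elf(5) manual page rules for `e_shoff`, `e_shnum` and `e_shstrndx` to an untrusted image before either value is used as a loop bound or allocation size. The type names, `elf_section_limits`, and the host-endian ELF64 input are assumptions made for this illustration.

```c
#include <stdint.h>
#include <string.h>

/* Minimal ELF64 layouts and constants, following the elf(5) manual page. */
typedef struct { unsigned char e_ident[16]; uint16_t e_type, e_machine;
  uint32_t e_version; uint64_t e_entry, e_phoff, e_shoff; uint32_t e_flags;
  uint16_t e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx;
} Ehdr;
typedef struct { uint32_t sh_name, sh_type; uint64_t sh_flags, sh_addr,
  sh_offset, sh_size; uint32_t sh_link, sh_info; uint64_t sh_addralign,
  sh_entsize; } Shdr;
enum { SHN_UNDEF = 0, SHN_LORESERVE = 0xff00, SHN_XINDEX = 0xffff };

/* Hypothetical helper: real section count and string table index of an
   untrusted host-endian image; 0 on success, -1 on inconsistent values. */
int elf_section_limits(const unsigned char *img, size_t len,
                       uint64_t *shnum, uint32_t *shstrndx)
{
  Ehdr eh; Shdr s0;
  *shnum = 0; *shstrndx = 0;          /* a caller ignoring -1 iterates 0 times */
  if (len < sizeof(eh)) return -1;
  memcpy(&eh, img, sizeof(eh));       /* copy out: img may be unaligned */
  if (eh.e_shoff == 0)                /* no section header table */
    return (eh.e_shnum == 0 && eh.e_shstrndx == SHN_UNDEF) ? 0 : -1;
  if (eh.e_shentsize != sizeof(Shdr)) return -1;
  if (eh.e_shoff > len || len - eh.e_shoff < sizeof(s0)) return -1;
  memcpy(&s0, img + eh.e_shoff, sizeof(s0));
  uint64_t n = eh.e_shnum;
  if (n == 0) {                       /* real count is entry 0's sh_size */
    n = s0.sh_size;
    if (n < SHN_LORESERVE) return -1;
  } else if (n >= SHN_LORESERVE) return -1;
  if (n > (len - eh.e_shoff) / sizeof(Shdr)) return -1;  /* table must fit */
  uint32_t idx = eh.e_shstrndx;
  if (idx == SHN_XINDEX) {            /* real index is entry 0's sh_link */
    idx = s0.sh_link;
    if (idx < SHN_LORESERVE) return -1;
  } else if (idx >= SHN_LORESERVE) return -1;
  if (idx >= n) return -1;            /* index must fall inside the table */
  *shnum = n; *shstrndx = idx;
  return 0;
}
```

The same pattern extends to `e_phnum`, where the manual page puts the real count in entry 0's `sh_info` when the header field holds `PN_XNUM`.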


