[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 0/6] Fix coverity bugs and add checks for elf values in grub-
From: |
Darren Kenny |
Subject: |
Re: [PATCH 0/6] Fix coverity bugs and add checks for elf values in grub-core |
Date: |
Mon, 30 May 2022 10:02:29 +0100 |
Hi Alec,
All of these look great, so:
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Thanks for looking at the Coverity issues,
Darren.
On Thursday, 2022-05-26 at 15:29:46 -04, Alec Brown wrote:
> Coverity identified several untrusted loop bounds and untrusted allocation
> size
> bugs in grub-core/loader/i386/bsdXX.c and grub-core/loader/multiboot_elfXX.c.
> Upon review of these bugs, I found that specific checks weren't being made to
> various elf header values based on the elf manual page. The first four patches
> in this patch series address the coverity bugs, as well as adds functions to
> check for the correct elf header values. The last two patches adds fixes to
> previous work done in util/grub-module-verifierXX.c that also relates to
> making
> checks of elf header values.
>
> The Coverity bugs being addressed are:
> CID 314018
> CID 314030
> CID 314031
> CID 314039
>
> Alec Brown (6):
> grub-core/loader/i386/bsdXX.c: Avoid downcasting (char *) to (Elf_Shdr
> *)
> elf: Validate number of elf section header table entries
> elf: Validate elf section header table index for section name string
> table
> elf: Validate number of elf program header table entries
> util/grub-module-verifierXX.c: Add e_shoff check in get_shdr()
> util/grub-module-verifierXX.c: Changed get_shnum() return type
>
> grub-core/kern/elf.c | 18 ++++++++++++++++++
> grub-core/kern/elfXX.c | 101
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> grub-core/loader/i386/bsdXX.c | 142
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------------------------------------------------------
> grub-core/loader/multiboot_elfxx.c | 79
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------
> include/grub/elf.h | 23 +++++++++++++++++++++++
> util/grub-module-verifierXX.c | 13 +++++++++----
> 6 files changed, 290 insertions(+), 86 deletions(-)
- [PATCH 0/6] Fix coverity bugs and add checks for elf values in grub-core, Alec Brown, 2022/05/26
- [PATCH 4/6] elf: Validate number of elf program header table entries, Alec Brown, 2022/05/26
- [PATCH 1/6] grub-core/loader/i386/bsdXX.c: Avoid downcasting (char *) to (Elf_Shdr *), Alec Brown, 2022/05/26
- [PATCH 5/6] util/grub-module-verifierXX.c: Add e_shoff check in get_shdr(), Alec Brown, 2022/05/26
- [PATCH 2/6] elf: Validate number of elf section header table entries, Alec Brown, 2022/05/26
- [PATCH 6/6] util/grub-module-verifierXX.c: Changed get_shnum() return type, Alec Brown, 2022/05/26
- [PATCH 3/6] elf: Validate elf section header table index for section name string table, Alec Brown, 2022/05/26
- Re: [PATCH 0/6] Fix coverity bugs and add checks for elf values in grub-core, Daniel Kiper, 2022/05/27
- Re: [PATCH 0/6] Fix coverity bugs and add checks for elf values in grub-core,
Darren Kenny <=