git.ipfire.org Git - thirdparty/grub.git/commit
font: Fix several integer overflows in grub_font_construct_glyph()
author Zhang Boyang <zhangboyang.id@gmail.com>
Thu, 4 Aug 2022 17:58:27 +0000 (01:58 +0800)
committer Daniel Kiper <daniel.kiper@oracle.com>
Mon, 14 Nov 2022 19:24:39 +0000 (20:24 +0100)
commit 768e1ef2fc159f6e14e7246e4be09363708ac39e
tree 3f8f20f17ee0af963bf45e2f37706755eada8e97
parent 9c76ec09ae08155df27cd237eaea150b4f02f532
font: Fix several integer overflows in grub_font_construct_glyph()

This patch fixes several integer overflows in grub_font_construct_glyph().
Glyphs of invalid size, zero or leading to an overflow, are rejected.
The inconsistency between "glyph" and "max_glyph_size" when grub_malloc()
returns NULL is fixed too.

Fixes: CVE-2022-2601
Reported-by: Zhang Boyang <zhangboyang.id@gmail.com>
Signed-off-by: Zhang Boyang <zhangboyang.id@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/font/font.c