]> git.ipfire.org Git - thirdparty/grub.git/commit
projects / thirdparty / grub.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 09bd6eb) | patch
gettext: Integer overflow leads to heap OOB write
authorLidong Chen <lidong.chen@oracle.com>
Fri, 22 Nov 2024 06:27:57 +0000 (06:27 +0000)
committerDaniel Kiper <daniel.kiper@oracle.com>
Thu, 13 Feb 2025 14:45:56 +0000 (15:45 +0100)
commitb970a5ed967816bbca8225994cd0ee2557bad515
tree420e85fe14ca891721b05929a609ce2d10f918c8tree
parent09bd6eb58b0f71ec273916070fa1e2de16897a91commit | diff
gettext: Integer overflow leads to heap OOB write

The size calculation of the translation buffer in
grub_gettext_getstr_from_position() may overflow
to 0 leading to heap OOB write. This patch fixes
the issue by using grub_add() and checking for
an overflow.

Fixes: CVE-2024-45777
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
grub-core/gettext/gettext.c diff | blob | blame | history
Mirror of https://git.savannah.gnu.org/git/grub.git