git.ipfire.org Git - thirdparty/grub.git/commit

]> git.ipfire.org Git - thirdparty/grub.git/commit

projects / thirdparty / grub.git / commit

author	B Horn <b@horn.uk>
	Thu, 18 Apr 2024 18:04:13 +0000 (19:04 +0100)
committer	Daniel Kiper <daniel.kiper@oracle.com>
	Thu, 23 Jan 2025 15:22:47 +0000 (16:22 +0100)
commit	d8a937ccae5c6d86dc4375698afca5cefdcd01e1
tree	f0f288bd4cffafb5c4d2222e9a7dd215c5ce938d	tree \| snapshot
parent	8a7103fddfd6664f41081f3bb88eebbf2871da2a	commit \| diff

script/execute: Limit the recursion depth

If unbounded recursion is allowed it becomes possible to collide the
stack with the heap. As UEFI firmware often lacks guard pages this
becomes an exploitable issue as it is possible in some cases to do
a controlled overwrite of a section of this heap region with
arbitrary data.

Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

grub-core/script/execute.c

diff | blob | blame | history

Mirror of https://git.savannah.gnu.org/git/grub.git

RSS Atom