git.ipfire.org Git - thirdparty/grub.git/commit

author	Alec Brown <alec.r.brown@oracle.com>
	Thu, 9 Mar 2023 19:43:59 +0000 (14:43 -0500)
committer	Daniel Kiper <daniel.kiper@oracle.com>
	Tue, 14 Mar 2023 15:07:54 +0000 (16:07 +0100)
commit	ee0dbd86e54af1d1b582cf0161861e928f8c333e
tree	ee5b0ceebd2ccd050b6af507bdf4bf53e87b797f	tree \| snapshot
parent	954d5ce309b623575d77b13d767d963705f3a7c8	commit \| diff

util/grub-module-verifierXX: Add module_size parameter to functions for sanity checking

In grub-module-verifierXX.c, the function grub_module_verifyXX() performs an
initial check that the ELF section headers are within the module's size, but
doesn't check if the sections being accessed have contents that are within the
module's size. In particular, we need to check that sh_offset and sh_size are
less than the module's size. However, for some section header types we don't
need to make these checks. For the type SHT_NULL, the section header is marked
as inactive and the rest of the members within the section header have undefined
values, so we don't need to check for sh_offset or sh_size. In the case of the
type SHT_NOBITS, sh_offset has a conceptual offset which may be beyond the
module size. Also, this type's sh_size may have a non-zero size, but a section
of this type will take up no space in the module. This can all be checked in the
function get_shdr(), but in order to do so, the parameter module_size must be
added to functions so that the value of the module size can be used in
get_shdr() from grub_module_verifyXX().

Also, had to rework some for loops to ensure the index passed to get_shdr() is
within bounds.

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>