From: Andrei Borzenkov <arvidjaar@gmail.com>
Date: Fri, 28 Nov 2014 17:45:27 +0000 (+0300)
Subject: grub-install-common: avoid out of bound access when read failed
X-Git-Tag: 2.02-beta3~603
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0415dbe28f3dc3520b70745b3bd78073f094fb4d;p=thirdparty%2Fgrub.git

grub-install-common: avoid out of bound access when read failed

Check that modinfo.sh could be read successfully; abort on error. Avoids
potential out-of-bound array access.

CID: 73819
---

diff --git a/ChangeLog b/ChangeLog
index 930ceb20c..e46b9995b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
 2014-11-28  Andrei Borzenkov  <arvidjaar@gmail.com>
 
+	* util/grub-install-common.c (grub_install_get_target): Check return
+	value of grub_util_fd_read (Coverity CID 73819).
 	* util/grub-mkstandalone.c (add_tar_file): Fix out of bound access
 	to hd.magic (Coverity CID 73587, 73888, bug 43690).
 
diff --git a/util/grub-install-common.c b/util/grub-install-common.c
index c8bedcb2e..4b5d4d486 100644
--- a/util/grub-install-common.c
+++ b/util/grub-install-common.c
@@ -911,6 +911,8 @@ grub_install_get_target (const char *src)
     grub_util_error (_("%s doesn't exist. Please specify --target or --directory"), 
 		     fn);
   r = grub_util_fd_read (f, buf, sizeof (buf) - 1);
+  if (r < 0)
+    grub_util_error (_("cannot read `%s': %s"), fn, strerror (errno));
   grub_util_fd_close (f);
   buf[r] = '\0';
   c = strstr (buf, "grub_modinfo_target_cpu=");