From: Vladimir Serbinenko <phcoder@gmail.com>
Date: Mon, 7 Jul 2025 14:52:13 +0000 (+0000)
Subject: libgcrypt: Fix Coverity warnings
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e23704ad48ab51a9b4bbe1ef218990b55c28f0e2;p=thirdparty%2Fgrub.git

libgcrypt: Fix Coverity warnings

Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---

diff --git a/grub-core/lib/libgcrypt-patches/03_mpiutil_alloc.patch b/grub-core/lib/libgcrypt-patches/03_mpiutil_alloc.patch
new file mode 100644
index 000000000..42c6b2bd7
--- /dev/null
+++ b/grub-core/lib/libgcrypt-patches/03_mpiutil_alloc.patch
@@ -0,0 +1,18 @@
+mpiutil: Fix NULL pointer dereference in case of failed alloc
+
+Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
+
+diff --git a/grub-core/lib/libgcrypt/mpi/mpiutil.c b/grub-core/lib/libgcrypt/mpi/mpiutil.c
+index 3a372374f..dc53db09d 100644
+--- a/grub-core/lib/libgcrypt-grub/mpi/mpiutil.c
++++ b/grub-core/lib/libgcrypt-grub/mpi/mpiutil.c
+@@ -432,6 +432,9 @@ _gcry_mpi_alloc_like( gcry_mpi_t a )
+ 	int n = (a->sign+7)/8;
+ 	void *p = _gcry_is_secure(a->d)? xtrymalloc_secure (n)
+                                        : xtrymalloc (n);
++	if ( !p ) {
++            _gcry_fatal_error (GPG_ERR_ENOMEM, NULL);
++	}
+ 	memcpy( p, a->d, n );
+ 	b = mpi_set_opaque( NULL, p, a->sign );
+     }
diff --git a/grub-core/lib/libgcrypt-patches/03_sexp_free.patch b/grub-core/lib/libgcrypt-patches/03_sexp_free.patch
new file mode 100644
index 000000000..1c0ffd644
--- /dev/null
+++ b/grub-core/lib/libgcrypt-patches/03_sexp_free.patch
@@ -0,0 +1,35 @@
+sexp: Add missing free on error path
+
+Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
+
+diff --git a/grub-core/lib/libgcrypt/src/sexp.c b/grub-core/lib/libgcrypt/src/sexp.c
+index d15f1a790..250559f75 100644
+--- a/grub-core/lib/libgcrypt-grub/src/sexp.c
++++ b/grub-core/lib/libgcrypt-grub/src/sexp.c
+@@ -1157,6 +1157,17 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+                               }                                            \
+                        } while (0)
+ 
++#define MAKE_SPACE_EXTRA_CLEANUP(n, cleanup)  do {				\
++                            gpg_err_code_t _ms_err = make_space (&c, (n)); \
++                            if (_ms_err)                                   \
++                              {                                            \
++                                err = _ms_err;                             \
++                                *erroff = p - buffer;                      \
++				cleanup;				   \
++                                goto leave;                                \
++                              }                                            \
++                       } while (0)
++
+   /* The STORE_LEN macro is used to store the length N at buffer P. */
+ #define STORE_LEN(p,n) do {						   \
+ 			    DATALEN ashort = (n);			   \
+@@ -1368,7 +1379,7 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+                   goto leave;
+                 }
+ 
+-              MAKE_SPACE (datalen);
++              MAKE_SPACE_EXTRA_CLEANUP (datalen, xfree (b64buf));
+               *c.pos++ = ST_DATA;
+               STORE_LEN (c.pos, datalen);
+               for (i = 0; i < datalen; i++)