src/patches/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch

   1 From 88c9657960a6c5d3673a25c266781e876c181add Mon Sep 17 00:00:00 2001
   2 From: Hector Marco-Gisbert <hecmargi@upv.es>
   3 Date: Fri, 13 Nov 2015 16:21:09 +0100
   4 Subject: [PATCH] Fix security issue when reading username and password
   5
   6   This patch fixes two integer underflows at:
   7     * grub-core/lib/crypto.c
   8     * grub-core/normal/auth.c
   9
  10 Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
  11 Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
  12 ---
  13  grub-core/lib/crypto.c  | 2 +-
  14  grub-core/normal/auth.c | 2 +-
  15  2 files changed, 2 insertions(+), 2 deletions(-)
  16
  17 diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
  18 index 010e550..524a3d8 100644
  19 --- a/grub-core/lib/crypto.c
  20 +++ b/grub-core/lib/crypto.c
  21 @@ -456,7 +456,7 @@ grub_password_get (char buf[], unsigned buf_size)
  22           break;
  23         }
  24
  25 -      if (key == '\b')
  26 +      if (key == '\b' && cur_len)
  27         {
  28           cur_len--;
  29           continue;
  30 diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c
  31 index c6bd96e..5782ec5 100644
  32 --- a/grub-core/normal/auth.c
  33 +++ b/grub-core/normal/auth.c
  34 @@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size)
  35           break;
  36         }
  37
  38 -      if (key == '\b')
  39 +      if (key == '\b' && cur_len)
  40         {
  41           cur_len--;
  42           grub_printf ("\b");
  43 --
  44 1.9.1
  45