git.ipfire.org Git - thirdparty/grub.git/commit
fs: Prevent overflows when allocating memory for arrays
author: Lidong Chen <lidong.chen@oracle.com>
Tue, 21 Jan 2025 19:02:37 +0000 (19:02 +0000)
committer: Daniel Kiper <daniel.kiper@oracle.com>
Thu, 13 Feb 2025 14:45:57 +0000 (15:45 +0100)
commit: 84bc0a9a68835952ae69165c11709811dae7634e
tree: afe708c539cb26cd46577f6892dd633f36ad8a7a
parent: 6608163b08a7a8be4b0ab2a5cd4593bba07fe2b7

Use grub_calloc() when allocating memory for arrays to ensure proper
overflow checks are in place.

The HFS+ and squash4 security vulnerabilities were reported by
Jonathan Bar Or <jonathanbaror@gmail.com>.

Fixes: CVE-2025-0678
Fixes: CVE-2025-1125
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/fs/btrfs.c
grub-core/fs/hfspluscomp.c
grub-core/fs/squash4.c
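
The overflow class named in the commit message, as an added example that is not code from this commit or from GRUB: an array size computed as count times element size can wrap, while a calloc-style allocator rejects the request. `struct entry`, `unchecked_request_size()` and `checked_array_alloc()` are hypothetical names, the 32-bit arithmetic is an assumption chosen to make the wrap visible, and `__builtin_mul_overflow` is the GCC/Clang builtin.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical on-disk record; the real drivers use their own structures. */
struct entry { uint32_t offset; uint32_t length; };

/* Size that malloc(count * sizeof(struct entry)) would request when the
   size type is 32 bits wide (assumption used to make the wrap visible). */
uint32_t unchecked_request_size(uint32_t count)
{
  return count * (uint32_t) sizeof(struct entry);  /* wraps modulo 2^32 */
}

/* Hypothetical stand-in for a calloc-style allocator: the multiplication
   is checked, and an overflowing request fails instead of shrinking. */
void *checked_array_alloc(size_t count, size_t elem_size)
{
  size_t total;
  void *p;

  if (__builtin_mul_overflow(count, elem_size, &total))
    return NULL;                      /* caller must treat as an error */
  p = malloc(total ? total : 1);
  if (p != NULL)
    memset(p, 0, total);
  return p;
}

int main(void)
{
  uint32_t count = 0x20000001u;       /* constructed count from untrusted metadata */
  void *ok = checked_array_alloc(16, sizeof(struct entry));

  printf("unchecked: %u entries -> %u byte request\n",
         (unsigned) count, (unsigned) unchecked_request_size(count));
  printf("checked:   overflowing request -> %p\n",
         checked_array_alloc(SIZE_MAX / sizeof(struct entry) + 1,
                             sizeof(struct entry)));
  printf("checked:   16 entries -> %s\n", ok ? "allocated" : "failed");
  free(ok);
  return 0;
}
```

The unchecked path turns a request for 0x20000001 entries into an 8-byte allocation, which is why a later loop over `count` entries would write past the buffer; the checked path returns NULL and the driver can fail the mount.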