From: Maxim Fomin <maxim@fomin.one>
Date: Wed, 28 Dec 2022 17:40:06 +0000 (+0000)
Subject: kern/fs: Fix possible integer overflow in i386-pc mode with large partitions
X-Git-Tag: grub-2.12-rc1~177
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1a241e050652472efa62b2b36ad2fa7f82427b83;p=thirdparty%2Fgrub.git

kern/fs: Fix possible integer overflow in i386-pc mode with large partitions

The i386-pc mode supports MBR partition scheme where maximum partition
size is 2 TiB. In case of large partitions left shift expression with
unsigned long int "length" object may cause integer overflow making
calculated partition size less than true value. This issue is fixed by
increasing the size of "length" integer type.

Signed-off-by: Maxim Fomin <maxim@fomin.one>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---

diff --git a/grub-core/kern/fs.c b/grub-core/kern/fs.c
index b9508296d..7ad0aaf4e 100644
--- a/grub-core/kern/fs.c
+++ b/grub-core/kern/fs.c
@@ -130,7 +130,7 @@ grub_fs_probe (grub_device_t device)
 struct grub_fs_block
 {
   grub_disk_addr_t offset;
-  unsigned long length;
+  grub_disk_addr_t length;
 };
 
 static grub_err_t