From: Alec Brown <alec.r.brown@oracle.com>
Date: Thu, 26 May 2022 19:29:51 +0000 (-0400)
Subject: util/grub-module-verifierXX: Add e_shoff check in get_shdr()
X-Git-Tag: grub-2.12-rc1~363
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=27e53de2fdb317514a0dc1d2836106e30fa863bd;p=thirdparty%2Fgrub.git

util/grub-module-verifierXX: Add e_shoff check in get_shdr()

In util/grub-module-verifierXX.c, the function get_shdr() is used to obtain the
section header at a given index but isn't checking that there is an offset for
the section header table. To validate that there is, we can check that e_shoff
isn't 0.

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
---

diff --git a/util/grub-module-verifierXX.c b/util/grub-module-verifierXX.c
index 4e6cf133f..cf3ff0dfa 100644
--- a/util/grub-module-verifierXX.c
+++ b/util/grub-module-verifierXX.c
@@ -134,6 +134,9 @@ grub_target_to_host_real (const struct grub_module_verifier_arch *arch, grub_uin
 static Elf_Shdr *
 get_shdr (const struct grub_module_verifier_arch *arch, Elf_Ehdr *e, Elf_Word index)
 {
+  if (grub_target_to_host (e->e_shoff) == 0)
+    grub_util_error ("Invalid section header offset");
+
   return (Elf_Shdr *) ((char *) e + grub_target_to_host (e->e_shoff) +
 		       index * grub_target_to_host16 (e->e_shentsize));
 }