From 0e7319137988574f4da6eebee6ad1eef30887cfd Mon Sep 17 00:00:00 2001 From: Nicolas Frayer Date: Wed, 16 Oct 2024 17:57:56 +0200 Subject: [PATCH] cmd/search: Fix a possible NULL ptr dereference Resolves: #RHEL-61263 Signed-off-by: Nicolas Frayer --- ...-Fix-a-possible-NULL-ptr-dereference.patch | 59 +++++++++++++++++++ grub.patches | 1 + grub2.spec | 6 +- 3 files changed, 65 insertions(+), 1 deletion(-) create mode 100644 0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch diff --git a/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch b/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch new file mode 100644 index 00000000..a3bc50d1 --- /dev/null +++ b/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch @@ -0,0 +1,59 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Nicolas Frayer +Date: Wed, 16 Oct 2024 15:50:32 +0200 +Subject: [PATCH] cmd/search: Fix a possible NULL ptr dereference + +When querying about a partition UUID, we're not checking +for get_device_uuid() return value, which can possibly +result in dereferencing a NULL pointer. + +Signed-off-by: Nicolas Frayer +Co-authored-by: Chuong Tran +--- + grub-core/commands/search.c | 28 +++++++++++++++------------- + 1 file changed, 15 insertions(+), 13 deletions(-) + +diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c +index c052cb098c36..ab0122704c34 100644 +--- a/grub-core/commands/search.c ++++ b/grub-core/commands/search.c +@@ -211,24 +211,26 @@ iterate_device (const char *name, void *data) + struct uuid_context uuid_ctx; + int ret = 0; + +- get_device_uuid(name, &quid_name); +- if (!grub_strcmp(quid_name, ctx->key)) ++ if (get_device_uuid(name, &quid_name)) + { +- uuid_ctx.name = name; +- uuid_ctx.uuid = quid_name; ++ if (!grub_strcmp(quid_name, ctx->key)) ++ { ++ uuid_ctx.name = name; ++ uuid_ctx.uuid = quid_name; + +- ret = grub_device_iterate (check_for_duplicate, &uuid_ctx); ++ ret = grub_device_iterate (check_for_duplicate, &uuid_ctx); + +- if (ret) +- { +- grub_printf("Duplicated media UUID found, rebooting ...\n"); +- grub_sleep(10); +- grub_reboot(); +- } +- } ++ if (ret) ++ { ++ grub_printf("Duplicated media UUID found, rebooting ...\n"); ++ grub_sleep(10); ++ grub_reboot(); ++ } ++ } + +- if (quid_name) grub_free (quid_name); ++ if (quid_name) grub_free (quid_name); + ++ } + } + } + } diff --git a/grub.patches b/grub.patches index e79df3f7..83edcfbe 100644 --- a/grub.patches +++ b/grub.patches @@ -349,3 +349,4 @@ Patch0348: 0348-chainloader-remove-device-path-debug-message.patch Patch0349: 0349-grub2-mkconfig-Simplify-os_name-detection.patch Patch0350: 0350-grub-mkconfig-Remove-check-for-mount-point-for-grub-.patch Patch0351: 0351-arm64-Use-proper-memory-type-for-kernel-allocation.patch +Patch0352: 0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch diff --git a/grub2.spec b/grub2.spec index db23775a..899bb026 100644 --- a/grub2.spec +++ b/grub2.spec @@ -16,7 +16,7 @@ Name: grub2 Epoch: 1 Version: 2.06 -Release: 92%{?dist} +Release: 93%{?dist} Summary: Bootloader with support for Linux, Multiboot and more License: GPLv3+ URL: http://www.gnu.org/software/grub/ @@ -547,6 +547,10 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %endif %changelog +* Wed Oct 16 2024 Nicolas Frayer 2.06-93 +- cmd/search: Fix a possible NULL ptr dereference +- Resolves: #RHEL-61263 + * Tue Aug 13 2024 Nicolas Frayer - 2.06-92 - arm64/linux: Allocate memory for kernel with EFI_LOADER_CODE type - Resolves: #RHEL-49868