import CS grub2-2.06-94.el9

2025-03-11 07:23:50 +00:00 · 2025-03-11 07:23:50 +00:00 · 28be617175
commit 28be617175
parent 46e7ed602b
4 changed files with 101 additions and 1 deletions
--- a/SOURCES/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch
+++ b/SOURCES/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch
@ -0,0 +1,59 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Nicolas Frayer <nfrayer@redhat.com>
+Date: Wed, 16 Oct 2024 15:50:32 +0200
+Subject: [PATCH] cmd/search: Fix a possible NULL ptr dereference
+
+When querying about a partition UUID, we're not checking
+for get_device_uuid() return value, which can possibly
+result in dereferencing a NULL pointer.
+
+Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
+Co-authored-by: Chuong Tran <anhchuong89@gmail.com>
+---
+ grub-core/commands/search.c | 28 +++++++++++++++-------------
+ 1 file changed, 15 insertions(+), 13 deletions(-)
+
+diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c
+index c052cb098c36..ab0122704c34 100644
+--- a/grub-core/commands/search.c
+++ b/grub-core/commands/search.c
+@@ -211,24 +211,26 @@ iterate_device (const char *name, void *data)
+                     struct uuid_context uuid_ctx;
+                     int ret = 0;
+ 
+-                    get_device_uuid(name, &quid_name);
+-                    if (!grub_strcmp(quid_name, ctx->key))
+                    if (get_device_uuid(name, &quid_name))
+                       {
+-                        uuid_ctx.name = name;
+-                        uuid_ctx.uuid = quid_name;
+                      if (!grub_strcmp(quid_name, ctx->key))
+                        {
+                          uuid_ctx.name = name;
+                          uuid_ctx.uuid = quid_name;
+ 
+-                        ret = grub_device_iterate (check_for_duplicate, &uuid_ctx);
+                          ret = grub_device_iterate (check_for_duplicate, &uuid_ctx);
+ 
+-                        if (ret)
+-                          {
+-                            grub_printf("Duplicated media UUID found, rebooting ...\n");
+-                            grub_sleep(10);
+-                            grub_reboot();
+-                          }
+-                      }
+                          if (ret)
+                            {
+                              grub_printf("Duplicated media UUID found, rebooting ...\n");
+                              grub_sleep(10);
+                              grub_reboot();
+                            }
+                        }
+ 
+-                    if (quid_name) grub_free (quid_name);
+                      if (quid_name) grub_free (quid_name);
+ 
+                    }
+                   }
+               }
+ 	  }
--- a/SOURCES/0353-10_linux.in-escape-semicolon-and-ampersand-on-BLS-up.patch
+++ b/SOURCES/0353-10_linux.in-escape-semicolon-and-ampersand-on-BLS-up.patch
@ -0,0 +1,31 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Marta Lewandowska <mlewando@redhat.com>
+Date: Thu, 21 Nov 2024 11:32:18 -0600
+Subject: [PATCH] 10_linux.in: escape semicolon and ampersand on BLS upddate
+
+Besides escaping the character '/', escape ';' and '&' which may be set on on
+kernel parameters.
+
+Resolves: #RHEL-25558
+Signed-off-by: Marta Lewandowska <mlewando@redhat.com>
+Reviewed-by: Leo Sandoval <lsandova@redhat.com>
+---
+ util/grub.d/10_linux.in | 2 ++
+ 1 file changed, 2 insertions(+)
+ mode change 100644 => 100755 util/grub.d/10_linux.in
+
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+old mode 100644
+new mode 100755
+index 041a11529..7754ef853
+--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
+@@ -176,6 +176,8 @@ update_bls_cmdline()
+             options="${options} ${GRUB_CMDLINE_LINUX_DEBUG}"
+         fi
+         options="$(echo "${options}" | sed -e 's/\//\\\//g')"
+        options="$(echo "${options}" | sed -e 's/\;/\\\;/g')"
+        options="$(echo "${options}" | sed -e 's/\\&/\\\\&/g')"
+         sed -i -e "s/^options.*/options ${options}/" "${blsdir}/${bls}.conf"
+     done
+ }
--- a/SOURCES/grub.patches
+++ b/SOURCES/grub.patches
@ -349,3 +349,5 @@ Patch0348: 0348-chainloader-remove-device-path-debug-message.patch
 Patch0349: 0349-grub2-mkconfig-Simplify-os_name-detection.patch
 Patch0350: 0350-grub-mkconfig-Remove-check-for-mount-point-for-grub-.patch
 Patch0351: 0351-arm64-Use-proper-memory-type-for-kernel-allocation.patch
+Patch0352: 0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch
+Patch0353: 0353-10_linux.in-escape-semicolon-and-ampersand-on-BLS-up.patch
--- a/SPECS/grub2.spec
+++ b/SPECS/grub2.spec
@ -16,7 +16,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.06
-Release:	92%{?dist}
+Release:	94%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPLv3+
 URL:		http://www.gnu.org/software/grub/
@ -547,6 +547,14 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg
 %endif

 %changelog
+* Thu Nov 21 2024 Leo Sandoval <lsandova@redhat.com> - 2.06-94
+- 10_linux.in: escape semicolon and ampersand on BLS upddate
+- Resolves: #RHEL-25558
+
+* Wed Oct 16 2024 Nicolas Frayer <nfrayer@redhat.com> 2.06-93
+- cmd/search: Fix a possible NULL ptr dereference
+- Resolves: #RHEL-61263
+
 * Tue Aug 13 2024 Nicolas Frayer <nfrayer@redhat.com> - 2.06-92
 - arm64/linux: Allocate memory for kernel with EFI_LOADER_CODE type
 - Resolves: #RHEL-49868