From 28be617175d1ba4c699f2adac7c826667e77647c Mon Sep 17 00:00:00 2001 From: eabdullin Date: Tue, 11 Mar 2025 07:23:50 +0000 Subject: [PATCH] import CS grub2-2.06-94.el9 --- ...-Fix-a-possible-NULL-ptr-dereference.patch | 59 +++++++++++++++++++ ...pe-semicolon-and-ampersand-on-BLS-up.patch | 31 ++++++++++ SOURCES/grub.patches | 2 + SPECS/grub2.spec | 10 +++- 4 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch create mode 100644 SOURCES/0353-10_linux.in-escape-semicolon-and-ampersand-on-BLS-up.patch diff --git a/SOURCES/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch b/SOURCES/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch new file mode 100644 index 0000000..a3bc50d --- /dev/null +++ b/SOURCES/0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch @@ -0,0 +1,59 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Nicolas Frayer +Date: Wed, 16 Oct 2024 15:50:32 +0200 +Subject: [PATCH] cmd/search: Fix a possible NULL ptr dereference + +When querying about a partition UUID, we're not checking +for get_device_uuid() return value, which can possibly +result in dereferencing a NULL pointer. + +Signed-off-by: Nicolas Frayer +Co-authored-by: Chuong Tran +--- + grub-core/commands/search.c | 28 +++++++++++++++------------- + 1 file changed, 15 insertions(+), 13 deletions(-) + +diff --git a/grub-core/commands/search.c b/grub-core/commands/search.c +index c052cb098c36..ab0122704c34 100644 +--- a/grub-core/commands/search.c ++++ b/grub-core/commands/search.c +@@ -211,24 +211,26 @@ iterate_device (const char *name, void *data) + struct uuid_context uuid_ctx; + int ret = 0; + +- get_device_uuid(name, &quid_name); +- if (!grub_strcmp(quid_name, ctx->key)) ++ if (get_device_uuid(name, &quid_name)) + { +- uuid_ctx.name = name; +- uuid_ctx.uuid = quid_name; ++ if (!grub_strcmp(quid_name, ctx->key)) ++ { ++ uuid_ctx.name = name; ++ uuid_ctx.uuid = quid_name; + +- ret = grub_device_iterate (check_for_duplicate, &uuid_ctx); ++ ret = grub_device_iterate (check_for_duplicate, &uuid_ctx); + +- if (ret) +- { +- grub_printf("Duplicated media UUID found, rebooting ...\n"); +- grub_sleep(10); +- grub_reboot(); +- } +- } ++ if (ret) ++ { ++ grub_printf("Duplicated media UUID found, rebooting ...\n"); ++ grub_sleep(10); ++ grub_reboot(); ++ } ++ } + +- if (quid_name) grub_free (quid_name); ++ if (quid_name) grub_free (quid_name); + ++ } + } + } + } diff --git a/SOURCES/0353-10_linux.in-escape-semicolon-and-ampersand-on-BLS-up.patch b/SOURCES/0353-10_linux.in-escape-semicolon-and-ampersand-on-BLS-up.patch new file mode 100644 index 0000000..22402d4 --- /dev/null +++ b/SOURCES/0353-10_linux.in-escape-semicolon-and-ampersand-on-BLS-up.patch @@ -0,0 +1,31 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Marta Lewandowska +Date: Thu, 21 Nov 2024 11:32:18 -0600 +Subject: [PATCH] 10_linux.in: escape semicolon and ampersand on BLS upddate + +Besides escaping the character '/', escape ';' and '&' which may be set on on +kernel parameters. + +Resolves: #RHEL-25558 +Signed-off-by: Marta Lewandowska +Reviewed-by: Leo Sandoval +--- + util/grub.d/10_linux.in | 2 ++ + 1 file changed, 2 insertions(+) + mode change 100644 => 100755 util/grub.d/10_linux.in + +diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in +old mode 100644 +new mode 100755 +index 041a11529..7754ef853 +--- a/util/grub.d/10_linux.in ++++ b/util/grub.d/10_linux.in +@@ -176,6 +176,8 @@ update_bls_cmdline() + options="${options} ${GRUB_CMDLINE_LINUX_DEBUG}" + fi + options="$(echo "${options}" | sed -e 's/\//\\\//g')" ++ options="$(echo "${options}" | sed -e 's/\;/\\\;/g')" ++ options="$(echo "${options}" | sed -e 's/\\&/\\\\&/g')" + sed -i -e "s/^options.*/options ${options}/" "${blsdir}/${bls}.conf" + done + } diff --git a/SOURCES/grub.patches b/SOURCES/grub.patches index e79df3f..703c521 100644 --- a/SOURCES/grub.patches +++ b/SOURCES/grub.patches @@ -349,3 +349,5 @@ Patch0348: 0348-chainloader-remove-device-path-debug-message.patch Patch0349: 0349-grub2-mkconfig-Simplify-os_name-detection.patch Patch0350: 0350-grub-mkconfig-Remove-check-for-mount-point-for-grub-.patch Patch0351: 0351-arm64-Use-proper-memory-type-for-kernel-allocation.patch +Patch0352: 0352-cmd-search-Fix-a-possible-NULL-ptr-dereference.patch +Patch0353: 0353-10_linux.in-escape-semicolon-and-ampersand-on-BLS-up.patch \ No newline at end of file diff --git a/SPECS/grub2.spec b/SPECS/grub2.spec index db23775..9dc411d 100644 --- a/SPECS/grub2.spec +++ b/SPECS/grub2.spec @@ -16,7 +16,7 @@ Name: grub2 Epoch: 1 Version: 2.06 -Release: 92%{?dist} +Release: 94%{?dist} Summary: Bootloader with support for Linux, Multiboot and more License: GPLv3+ URL: http://www.gnu.org/software/grub/ @@ -547,6 +547,14 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %endif %changelog +* Thu Nov 21 2024 Leo Sandoval - 2.06-94 +- 10_linux.in: escape semicolon and ampersand on BLS upddate +- Resolves: #RHEL-25558 + +* Wed Oct 16 2024 Nicolas Frayer 2.06-93 +- cmd/search: Fix a possible NULL ptr dereference +- Resolves: #RHEL-61263 + * Tue Aug 13 2024 Nicolas Frayer - 2.06-92 - arm64/linux: Allocate memory for kernel with EFI_LOADER_CODE type - Resolves: #RHEL-49868