6eaa34fe07
- Resolves: CVE-2024-45779 CVE-2024-45778 CVE-2025-1118 - Resolves: CVE-2025-0677 CVE-2024-45782 CVE-2025-0690 - Resolves: CVE-2024-45783 CVE-2025-0624 CVE-2024-45776 - Resolves: CVE-2025-0622 CVE-2024-45774 CVE-2024-45775 - Resolves: CVE-2024-45781 CVE-2024-45780 - Resolves: #RHEL-79700 - Resolves: #RHEL-79341 - Resolves: #RHEL-79875 - Resolves: #RHEL-79849 - Resolves: #RHEL-79707 - Resolves: #RHEL-79857 - Resolves: #RHEL-79709 - Resolves: #RHEL-79846 - Resolves: #RHEL-75737 - Resolves: #RHEL-79713 - Resolves: #RHEL-73785 - Resolves: #RHEL-73787 - Resolves: #RHEL-79704 - Resolves: #RHEL-79702 Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
39 lines
1.3 KiB
Diff
39 lines
1.3 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Alec Brown <alec.r.brown@oracle.com>
|
|
Date: Wed, 12 Feb 2025 10:26:44 -0600
|
|
Subject: [PATCH] disk: Prevent overflows when allocating memory for arrays
|
|
|
|
Use grub_calloc() when allocating memory for arrays to ensure proper
|
|
overflow checks are in place.
|
|
|
|
Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
|
|
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
|
---
|
|
grub-core/disk/lvm.c | 6 ++----
|
|
1 file changed, 2 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/grub-core/disk/lvm.c b/grub-core/disk/lvm.c
|
|
index 8257159b3..99f5e7cc6 100644
|
|
--- a/grub-core/disk/lvm.c
|
|
+++ b/grub-core/disk/lvm.c
|
|
@@ -671,8 +671,7 @@ grub_lvm_detect (grub_disk_t disk,
|
|
goto lvs_segment_fail;
|
|
}
|
|
|
|
- seg->nodes = grub_zalloc (sizeof (seg->nodes[0])
|
|
- * seg->node_count);
|
|
+ seg->nodes = grub_calloc (seg->node_count, sizeof (seg->nodes[0]));
|
|
|
|
p = grub_strstr (p, "mirrors = [");
|
|
if (p == NULL)
|
|
@@ -760,8 +759,7 @@ grub_lvm_detect (grub_disk_t disk,
|
|
}
|
|
}
|
|
|
|
- seg->nodes = grub_zalloc (sizeof (seg->nodes[0])
|
|
- * seg->node_count);
|
|
+ seg->nodes = grub_calloc (seg->node_count, sizeof (seg->nodes[0]));
|
|
|
|
p = grub_strstr (p, "raids = [");
|
|
if (p == NULL)
|