46968b6e63
Resolves: CVE-2020-14372 Resolves: CVE-2020-25632 Resolves: CVE-2020-25647 Resolves: CVE-2020-27749 Resolves: CVE-2020-27779 Resolves: CVE-2021-20225 Resolves: CVE-2021-20233 Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
49 lines
1.5 KiB
Diff
49 lines
1.5 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Javier Martinez Canillas <javierm@redhat.com>
|
|
Date: Mon, 9 Mar 2020 15:30:05 +0100
|
|
Subject: [PATCH] efi/ip4_config: Improve check to detect literal IPv6
|
|
addresses
|
|
|
|
The grub_efi_string_to_ip4_address() function wrongly assumes that an IPv6
|
|
address is an IPv4 address, because it doesn't take into account the case
|
|
of a caller passing an IPv6 address as a string.
|
|
|
|
This leads to the grub_efi_net_parse_address() function to fail and print
|
|
the following error message:
|
|
|
|
error: net/efi/net.c:785:unrecognised network address '2000:dead:beef:a::1'
|
|
|
|
Resolves: rhbz#1732765
|
|
|
|
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
|
|
---
|
|
grub-core/net/efi/ip4_config.c | 13 ++++++++++++-
|
|
1 file changed, 12 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/grub-core/net/efi/ip4_config.c b/grub-core/net/efi/ip4_config.c
|
|
index b711a5d9457..313c818b184 100644
|
|
--- a/grub-core/net/efi/ip4_config.c
|
|
+++ b/grub-core/net/efi/ip4_config.c
|
|
@@ -56,9 +56,20 @@ int
|
|
grub_efi_string_to_ip4_address (const char *val, grub_efi_ipv4_address_t *address, const char **rest)
|
|
{
|
|
grub_uint32_t newip = 0;
|
|
- int i;
|
|
+ int i, ncolon = 0;
|
|
const char *ptr = val;
|
|
|
|
+ /* Check that is not an IPv6 address */
|
|
+ for (i = 0; i < grub_strlen(ptr); i++)
|
|
+ {
|
|
+ if (ptr[i] == '[' && i == 0)
|
|
+ return 0;
|
|
+
|
|
+ if (ptr[i] == ':')
|
|
+ if (i == 0 || ++ncolon == 2)
|
|
+ return 0;
|
|
+ }
|
|
+
|
|
for (i = 0; i < 4; i++)
|
|
{
|
|
unsigned long t;
|