grub2/0271-modules-Don-t-allocate-space-for-non-allocable-secti.patch
Robbie Harwood 42b3050a74 CVE fixes for 2022-05-24
CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733
CVE-2021-3697 CVE-2021-3696 CVE-2021-3695
Resolves: #2070688

Signed-off-by: Robbie Harwood <rharwood@redhat.com>
2022-06-03 14:09:47 -04:00

37 lines
1.4 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 21 Mar 2022 16:56:10 -0400
Subject: [PATCH] modules: Don't allocate space for non-allocable sections.
Currently when loading grub modules, we allocate space for all sections,
including those without SHF_ALLOC set. We then copy the sections that
/do/ have SHF_ALLOC set into the allocated memory, leaving some of our
allocation untouched forever. Additionally, on platforms with GOT
fixups and trampolines, we currently compute alignment round-ups for the
sections and sections with sh_size = 0.
This patch removes the extra space from the allocation computation, and
makes the allocation computation loop skip empty sections as the loading
loop does.
Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit 03215e342f552396ab08125ea769b1e166417ec1)
---
grub-core/kern/dl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c
index f304494574..aef8af8aa7 100644
--- a/grub-core/kern/dl.c
+++ b/grub-core/kern/dl.c
@@ -289,6 +289,9 @@ grub_dl_load_segments (grub_dl_t mod, const Elf_Ehdr *e)
i < e->e_shnum;
i++, s = (const Elf_Shdr *)((const char *) s + e->e_shentsize))
{
+ if (s->sh_size == 0 || !(s->sh_flags & SHF_ALLOC))
+ continue;
+
tsize = ALIGN_UP (tsize, s->sh_addralign) + s->sh_size;
if (talign < s->sh_addralign)
talign = s->sh_addralign;