From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1pIpv1-00056L-FU
	for mharc-grub-devel@gnu.org; Fri, 20 Jan 2023 06:50:52 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <scdbackup@gmx.net>) id 1pIpuy-000565-Fb
 for grub-devel@gnu.org; Fri, 20 Jan 2023 06:50:48 -0500
Received: from mout.gmx.net ([212.227.15.18])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <scdbackup@gmx.net>) id 1pIpuw-0000iy-La
 for grub-devel@gnu.org; Fri, 20 Jan 2023 06:50:48 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=s31663417;
 t=1674215426; bh=s+ly6zPFiFAalKfSko3GuTKeeiOPXcXpbLkKnLPwWTU=;
 h=X-UI-Sender-Class:Date:From:To:Subject:Cc:References:In-Reply-To;
 b=dOMDXqrHFlCkjuwBelkXVDlNXsQ49EH9OJDINhoEN8b9rWNUAuLCkg5I1AGGOAWvg
 mZ/krtcDbe8YkCbuJakX+h3lg7DuESCUJ5PT/TVj+93du4BKn5YrbK391MGRu1qKZ4
 OiyFs2iceQYa/mUzBEcJTwwh/eqej9HJJDkvc3O0fsXBIQX5LxOoNjy9mRhZK7z8wY
 Q5OE+FnS/tDBEyo1Rdlmdl4w+eSAoC/+58M7GNc0ox79BhOdLhHSius76hEdZrTQXR
 ust5ilPwvoMmdVfUvby6PNFDDyK0x2E23NmDtbTNyBMyM2x7z/brVvjCAJ977SBIzB
 7xm/vCjmnshVw==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from scdbackup.webframe.org ([84.179.236.73]) by mail.gmx.net
 (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id
 1MbirE-1ohrno2EtK-00dJbq; Fri, 20 Jan 2023 12:50:26 +0100
Date: Fri, 20 Jan 2023 12:49:40 +0100
From: "Thomas Schmitt" <scdbackup@gmx.net>
To: grub-devel@gnu.org
Subject: Re: [PATCH v2 0/5] fs/iso9660: Fix out-of-bounds read
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Cc: lidong.chen@oracle.com, fengtao40@huawei.com, yanan@huawei.com,
 daniel.kiper@oracle.com, lichenca2005@gmail.com
References: <EF18BFAA-2C70-47D4-9FBB-B8E093E0AA21@ORACLE.COM>
In-Reply-To: <EF18BFAA-2C70-47D4-9FBB-B8E093E0AA21@ORACLE.COM>
Message-Id: <25717393172200334337@scdbackup.webframe.org>
X-Provags-ID: V03:K1:4coLmw/8rrR7VtSjp0fHsm5GZHF56ADRrkftggHrbNg3gS4Sjj4
 ZAA6kSzTeaSgHodXfcJPzjQLsiLniwpVL8RTLIv8djXfa/+CuzjrC3DvWPfeBRWdSIcnCNE
 3JbA6w2DGRzOmZI6h5r6PyLmeIiLk+4Rl8lN8r++WWB2QcuolzDZ0EofifDoc/LtxO4Yitu
 dU/7H/wHmvrvnusGv1yJQ==
UI-OutboundReport: notjunk:1;M01:P0:fgLn/f+RtT0=;2Cz4N61NfaIlXoAtagAA2Awg2sx
 iQc87nny6z36FTn/5ZroJ0mKEwR279Zab8qjQi7BHwuYKLkJOOMfyRhJBcheUi5swMOU9WZzN
 aS8ODCCSKbTVaK/80AInpRGv+i0rGPtV62wkonQleJQDVFMBl/Ajo+pzOJANXB5AluF6kcHpH
 W0801cq/jZXWJCsAbl52UBqeYM3DSgfmp7Pao8g9dUx6zLmlucBDDj9c3YKsYeWOlvZceH12J
 jEdvkm6qd7/nbKN520ck1d7AxrnDJrZrwdRAGdvGJsYfQvtm7DOBvZAjrF1G8C/L9kUqBSrV8
 jHNZ79fMiq9WZtPU4syCDxqz1+EVphbx3c2qiE1f0HdUHHtEkDPcEB/MfFv5CNBLBTCe+zbsP
 hXrua6IVtvMeo5UndESGkWdCDFJUnHd/NPsQsbhcAYqGytz3dFskDZpSDsbTVECiVvYFS08sS
 hggejXmVF9xu1xc6ytdVJDmj+K2y2R2afUzni2j1rL6+3kTudEF1bpdeocP/X/mLgE9LPJhwL
 dhlPn5kEFdKp3QIPNHdREad1Ef+APebI59LZm+MXcDS1o18Q9mknVbaHOaQ6x/XnsZQJRkWGQ
 +rHZnqmwxqC/j3FTVeb+g7zm0d6i97KcU0hzFmqSYSmF1O9WPnWIgXMC+njXfu0MxXi4JAerb
 kSQCcs/Wq0I/KLSfmOZstX9zL8KeGNW72jJ6gKRMGQJ1sOxbEw9kSlonl3RVSBe0A3zabQrhw
 J2fR12QpvXtbp8Zz6YpfWoJZx04x/sTn142G8tsg8mjsbh8VpdkMhM9gdmZo2dYhuwb14K3eP
 1xpxlUKqhRHFe/4zGv/0CngSqDEhMwmyaxYuh/IKS5eqzQDtpv8Y0fnYQppvFZhOnl/2XiZ9D
 857CDp61td4pom4n7WvQkSxxaKVJbtv1zpIqQmJ+R3Q5noprn1qAfVdZIf7MfGNvobfHmX5Kp
 d9Rii80fi9VV285P5dqmsdSY96g=
Received-SPF: pass client-ip=212.227.15.18; envelope-from=scdbackup@gmx.net;
 helo=mout.gmx.net
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jan 2023 11:50:48 -0000

Hi,

Lidong Chen wrote:
> I ran grub-fastest with both ce_loop ISO files. The endless loops were
> detected and Grub exited accordingly.

Good.


> I didn't know where the grub error message
> were stored in case of grub-fastest.

So you don't see an error message ?

I had the same problem a while ago, when i tried to check that my thoughts
about the loop end condition in grub_iso9660_susp_iterate() are correct.
(This is now covered by your patch 2.)


> But, I traced with gdb, and saw the=C2=A0 code reported the error.

It's on my todo list to learn how to prepare grub-fstest for working with
gdb. Currently gdb says "No debugging symbols found in ./grub-fstest".


> If the diff looks good, I will send the v3 patches set.

I have no objections.

If patches 1 to 4 are included in v3, please tell whether they have change=
d
towards v2. (I see no reason why they should change. But if they do, i'll
have to compare them with the earlier versions.)

=2D--------------------------------------------------------------------

I still riddle about how the error message can become visible to the user.
I don't get ideas for that from
  https://www.gnu.org/software/grub/manual/grub-dev/grub-dev.html#Error-Ha=
ndling

I wonder what is supposed to happen to the "textual message" component of
a grub_error() call. Under which conditions will it be displayed ?
And where ?


Have a nice day :)

Thomas