From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1p062D-0007Rd-U3
	for mharc-grub-devel@gnu.org; Tue, 29 Nov 2022 14:12:50 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <scdbackup@gmx.net>) id 1p062B-0007R7-1C
 for grub-devel@gnu.org; Tue, 29 Nov 2022 14:12:47 -0500
Received: from mout.gmx.net ([212.227.15.19])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <scdbackup@gmx.net>) id 1p0629-0000Sk-1h
 for grub-devel@gnu.org; Tue, 29 Nov 2022 14:12:46 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=s31663417;
 t=1669749120; bh=RmMglu4gwQnG0ulXHXIFo5xE4t0llCi+H7FWmmP1yoE=;
 h=X-UI-Sender-Class:Date:From:To:Subject:Cc:References:In-Reply-To;
 b=ElaOPIMzpwXBGkS4t4ryGtmoBZZ0LR2NEuHdtI6w9YqJazQi4JspG7JaGIyBRoiJ/
 MbawAzz6Xuw+P9BB3dQYTOcacDj9HZtmuQPRhaLM3zSXHWozb9dYc7vTzBwJD56FAO
 ViBIoWcmwV+a+BHS3ZwI3MRahGQOqI5MnUemKajF7DcG9uzAe4I7SdKml+NFqbgXn1
 csCwwSJTSune0/1W3Aw1R8XidFzlPSbLZEBahHNNhfgKaijgzIgG6O19aEawinuRpz
 Dzc5iRDGDsQ0D6UHhAD9YTE1CCQ0Gt0rYKWPaFNczBBhM3K03OeUMEVtgZvZ54jIpC
 v1QDoIFkolreA==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from scdbackup.webframe.org ([84.179.236.73]) by mail.gmx.net
 (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id
 1N9dwd-1ouxcL06SL-015Vew; Tue, 29 Nov 2022 20:12:00 +0100
Date: Tue, 29 Nov 2022 20:12:00 +0100
From: "Thomas Schmitt" <scdbackup@gmx.net>
To: grub-devel@gnu.org
Subject: Re: Possible memory fault in fs/iso9660 (correction)
Content-Type: text/plain; charset="utf-8"
Cc: fengtao40@huawei.com,dkiper@net-space.pl
References: <20221129142607.h3pz24b2rxuyooss@tomti.i.net-space.pl>
In-Reply-To: <20221129142607.h3pz24b2rxuyooss@tomti.i.net-space.pl>
Message-Id: <31587388199100297735@scdbackup.webframe.org>
X-Provags-ID: V03:K1:wq7G4/MINjsBg/+5ViDL157e6MDAygWn9CJ2XmZfEXgMcp8P4jf
 DMnVufvM4HwqK0LM19DkKkVPeEB236l9fZMl1lgt2l7oTfbFdGDr2TcBdLal73l9fl4vmis
 EklR3IPB4GWBCf1jy6f1aPibtykYMfk1kqpe+Wcw3JsI4ZHhAS+GmJB9iAK9Lx992wD0aUu
 iqggckRDlSAI9GciDMgRA==
UI-OutboundReport: notjunk:1;M01:P0:NXnRWUJXOYY=;olMWqU6xhI8olwsl5gb9vx4K7Jv
 o4QIIYbesf/tNTghW84JSJHk5nOK2VIIuXK0fbRxDBzIonUaKj5e+TVljSvDkULzhvqwDYpPH
 XO97jjDwL6fAEylzfJ+v+ZAey6TDtwQp2hu8huQW5dGseFOvBKK4eFboLOkOVEd0vD+QqsHMI
 II8YOstiU0UIciAyjgBnTSew+S3sw9SmgRrMr3bIp5xRq6fSSsvqJdJwGdpqijRgclVUObCxj
 mx42q2R9isJ7tnV+EzAr5kWo7IJIlo4YetZXzvUemxqV8GElzzNCnAntnwOz1kuCnmR3jeKyG
 /6Vt1liUCfRTDxO/OwCD4kuf+ckcQgIAVkF9+cSsNfIfSvUxupMHTtpmLqDkD6eebg21XgdM6
 6FqEKxsTCELst4xFiYpj2Nd4hX1s4nt4GrP7m5IPzA7kqdoEMy5a1fOz1NWgj7HuwwbLcb/We
 DV//cvmlu+gFPZgXnC4WOMbIrOrX+Sjr9AkPIeiojm4OW8Mj7198PwB5RyGln8G/jvL7cSqxU
 AiwMek8m2Ox+AKFiEj69iSTozx9MJv7DYTuqcbWQn4IRdNVuzfFSe5TqjcTYss/2AGGLFyx23
 m6RydLOEUrWu2DEDe2+eO2kuqGgx1POwC6F7gDgSwRiwLvkvd5AYHo4H0Rshn1OiveG5TP7XV
 c24Plif5o4mJhvKB5XxTGx1RE9fwYQt8nBPJrI5a38R1zSO9TYr1Tv3+d1wcqel53Mwy7LZM3
 yO+B0kvigUprzMZcn3kLo8koBIrXsTPEBWQGhfpjGtvlWNzaqvNWIwJirfrrl8F0hVG72PpBn
 ntAqW7KL74/4Lqkxi7C7b0qg8csN7sCrz6teST2nK2AWC1SDn2Wv8PYa2M1/CDyZcRbAAadjf
 qDsJ/zHlufqtSQn3UmWcCZwtk9VImiBBICs8jFaB7xNQjSHFdSkaR8/7hvTFyMP6UyuelmlG/
 nf0Dxw==
Received-SPF: pass client-ip=212.227.15.19; envelope-from=scdbackup@gmx.net;
 helo=mout.gmx.net
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Nov 2022 19:12:47 -0000

Hi,

i wrote:
> > > I will think about creating such an ISO by help of xorriso and dd.

Daniel Kiper wrote:
> Yeah, that would be perfect...

I believe to have created one. But grub-fstest does not produce a memory
fault. See my mail
  Date: Tue, 29 Nov 2022 19:47:22 +0100
  Message-Id: <50363882005823433@scdbackup.webframe.org>
for the recipe to create that ISO.

I riddle:

- Would valgrind detect out-of-bounds reading in GRUB code ?
  (Or does the code under grub-fstest allocate a large memory chunk on
   which the memory management of GRUB operates ?)

- Is there a way to build the involved code for use under gdb ?

- How can i insert debug messages into grub-core/fs/iso9660.c ?


> > > [more opportunities to let the code derail]

> Huh! Could you fix these issues too?

I will try. But first i need to master grub-fstest or some other testbed
so that i can verify my theoretical considerations.

(The "- 1" problem is obvious from C code considerations. But the number
 to replace the "1" is not so obvious and in general we should not fix
 what is not broken.)


> > > In general:
> > > How mistrusting should GRUB be towards the bytes in the filesystem ?

> I think as little as possible. Especially if incorrect values may lead
> to OOB writes...

It is about out-of-bounds reads.

But i don't understand well the combination of your two sentences:
GRUB shall be credulent, especially if bad writes were involved ?
I would think that this is to be avoided most.

So please explain the philosopy a bit more verbous for an old programmer
or point me to examples.
(I would look into the other fs drivers if i would understand filesystems
 other than ISO 9660.)


Have a nice day :)

Thomas