On 21.09.2014 08:39, Andrei Borzenkov wrote:
> On Wed, 17 Sep 2014 16:30:11 -0400,
> Peter Jones wrote:
>
>> Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
>> into grub_initrd_close() without grub_initrd_init() being called, and thus
>> it never clears initrd_ctx->components. grub_initrd_close() then frees that
>> address, which is stale data from the stack. If the stack happens to have a
>> stale *address* there that matches a recent allocation, then you'll get a
>> double free later.
>>
>> So initialize the memory up front.
>>
>
> Pushed.
>
Thank you for taking care of this.
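
The cleanup-path bug described in the quoted commit message, as an added C illustration that is not GRUB's code and not part of the thread. The `demo_*` names and the one-slot tracking allocator are hypothetical, and the stale stack contents are modelled by an explicit assignment, since reading genuinely uninitialized memory is undefined behaviour.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for the initrd context; not GRUB's definition. */
struct demo_ctx { int nfiles; void *components; };

/* One-slot tracking allocator: flags a free of memory it does not own. */
static char arena[64];
static void *live_ptr;
static int bad_frees;

static void *demo_alloc(void) { live_ptr = arena; return live_ptr; }

static void demo_free(void *p)
{
    if (p == NULL) return;                      /* freeing NULL is a no-op */
    if (p != live_ptr) { bad_frees++; return; } /* stale pointer: double free */
    live_ptr = NULL;
}

static void demo_init(struct demo_ctx *ctx)
{
    ctx->nfiles = 1;
    ctx->components = demo_alloc();
}

static void demo_close(struct demo_ctx *ctx)
{
    demo_free(ctx->components);
    ctx->components = NULL;
}

/* Returns how many invalid frees the cleanup path performed. */
int run_cmd(int kernel_loaded, int zero_first)
{
    struct demo_ctx ctx;
    void *recent = demo_alloc();   /* a recent allocation ... */
    demo_free(recent);             /* ... that was already released */
    bad_frees = 0;
    ctx.components = recent;       /* constructed stand-in for stale stack bytes */
    if (zero_first)
        memset(&ctx, 0, sizeof ctx);   /* initialize the memory up front */
    if (!kernel_loaded)
        goto fail;                 /* early exit: demo_init() never runs */
    demo_init(&ctx);
fail:
    demo_close(&ctx);
    return bad_frees;
}
```

Only the combination of an early exit and an unzeroed context reaches `demo_free()` with a pointer the allocator no longer owns; zeroing first turns the same path into a free of NULL.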