Message-ID: <541EEF24.7000606@gmail.com>
Date: Sun, 21 Sep 2014 17:30:44 +0200
From: Vladimir 'φ-coder/phcoder' Serbinenko
To: The development of GNU GRUB
Subject: Re: [PATCH] Initialized initrd_ctx so we don't free a random pointer from the stack.
References: <1410985811-17520-1-git-send-email-pjones@redhat.com> <20140921103940.6d9858e4@opensuse.site>
In-Reply-To: <20140921103940.6d9858e4@opensuse.site>

On 21.09.2014 08:39, Andrei Borzenkov wrote:
> On Wed, 17 Sep 2014 16:30:11 -0400
> Peter Jones wrote:
>
>> Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
>> into grub_initrd_close() without grub_initrd_init() being called, and thus
>> it never clears initrd_ctx->components. grub_initrd_close() then frees that
>> address, which is stale data from the stack. If the stack happens to have a
>> stale *address* there that matches a recent allocation, then you'll get a
>> double free later.
>>
>> So initialize the memory up front.
>>
>
> Pushed.
>

Thank you for taking care of this.
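The failure path described in the quoted commit message, as an added example that is not part of this thread and is not GRUB source: a small C model in which cleanup runs on a context that was never initialized, next to the "initialize up front" form. All names (`cmd_initrd`, `ctx_close`, `model_alloc`, `model_free`, `double_free_scenario`) and the one-block tracking allocator are hypothetical, and the `stale` argument is a constructed stand-in for leftover stack bytes.

```c
#include <string.h>

/* Hypothetical model of the pattern in the thread; not GRUB source. */
struct initrd_ctx { int nfiles; void *components; };

static char arena[32];   /* the single block the model allocator manages */
static int in_use;       /* 1 while that block is allocated */
static int bad_frees;    /* frees of pointers that are not currently allocated */

static void *model_alloc(void) { in_use = 1; return arena; }

static void model_free(void *p)
{
    if (p == NULL) return;                  /* freeing NULL is a no-op */
    if (p == arena && in_use) in_use = 0;   /* valid free */
    else bad_frees++;                       /* real allocator: corruption or crash */
}

static void ctx_close(struct initrd_ctx *c)
{
    model_free(c->components);              /* trusts whatever the field holds */
    c->components = NULL;
}

/* One command run. `stale` is a constructed stand-in for the bytes left on
   the stack where ctx.components lives. Returns 0 on success, -1 on failure. */
static int cmd_initrd(int kernel_loaded, int init_up_front, void *stale)
{
    struct initrd_ctx ctx;
    ctx.nfiles = 0;
    ctx.components = stale;                          /* simulate stale stack data */
    if (init_up_front) memset(&ctx, 0, sizeof ctx);  /* the fix: zero before any goto */

    if (!kernel_loaded) goto fail;                   /* early exit, init never ran */
    memset(&ctx, 0, sizeof ctx);                     /* what the init step would do */
    ctx.components = model_alloc();
    ctx.nfiles = 1;
fail:
    ctx_close(&ctx);                                 /* cleanup runs on every path */
    return kernel_loaded ? 0 : -1;
}

/* Another owner holds the block, a failed command runs, then the owner frees.
   Returns how many invalid frees the allocator saw. */
static int double_free_scenario(int init_up_front)
{
    void *owned = model_alloc();
    bad_frees = 0;
    cmd_initrd(0, init_up_front, owned);   /* stale slot happens to equal `owned` */
    model_free(owned);                     /* the owner's legitimate free */
    return bad_frees;
}
```

In the unfixed run the failed command releases the owner's block first, so the owner's later, legitimate free is the one the allocator sees as invalid, matching the "double free later" in the commit message.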