From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1n7qGo-0004B6-9q
	for mharc-grub-devel@gnu.org; Wed, 12 Jan 2022 21:55:22 -0500
Received: from eggs.gnu.org ([209.51.188.92]:57938)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <development@efficientek.com>)
 id 1n7qGm-0004Ae-Gj
 for grub-devel@gnu.org; Wed, 12 Jan 2022 21:55:20 -0500
Received: from [2607:f8b0:4864:20::f35] (port=43723
 helo=mail-qv1-xf35.google.com)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <development@efficientek.com>)
 id 1n7qGh-00010Z-Pn
 for grub-devel@gnu.org; Wed, 12 Jan 2022 21:55:18 -0500
Received: by mail-qv1-xf35.google.com with SMTP id l13so3721764qvz.10
 for <grub-devel@gnu.org>; Wed, 12 Jan 2022 18:55:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=efficientek-com.20210112.gappssmtp.com; s=20210112;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=Y2sqK8hnrJNmniBXIG3rZVwx2Gk0nIH6LRHhknloZiA=;
 b=ivAY4YuWad5JK38DAQEd18z3tS/9hhVSGnfrdit4wpU8BeQQnWA8M3ESlvw/OsJcTN
 pq1ZbH62A4H/qhNVNycO+xVdI22ZrtIcPrWEHhLidCrxBGibET4bousO0n1wtJCmIOxH
 MUKgBeBAx9y4UCYM2BYhAlKMuvSSrLd/wTUyu/jHLqIpkixAa+9CAoAAftLLhT279Im7
 UHz03h3afKcncFMRgQ0IEsNR4ID6XzRHEAPIGlyYO0J/bN1Cxfo+WS6jquZ7/Jzt7XR/
 Yq7kw9ohMfstVCako3BStgyRt86qeinwzYUdmTvrCl7fAVhWlX9sgsPxwIPujSkYaC/m
 3AWg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=Y2sqK8hnrJNmniBXIG3rZVwx2Gk0nIH6LRHhknloZiA=;
 b=Jp0F63m1VyBN54XXzeZL93D4lf82/kavOyyNhJjydlGSo1LD2ZTU4riFRziC70XFyb
 cG/PLmfuxPHGbhea1PaT889h3tUh+2doYN69PCXw/IKNLhzcjsPuoEOVfGzviB37CK8U
 VF63Bp+1yDzaU7gYeB4BEzK/gSbkH3uduXdSgqZRAy20dukOXjD+vnRCBngfmN1ER5eh
 iGo0xjHxaphyDFTjyOMYftF7asCle+x2Nuaj28VerF/I3I6QJN9UKiBrEB2RyjEu6wy+
 X6bivGqdr3pKNJUCwGakjUrQ9Rmra7RBepWClaH9Xr0Q5o6R3CxwI1+VZNC/p8gfb1oW
 eFug==
X-Gm-Message-State: AOAM530gbqnnmQ0YQH0CLZj9fnbQ4PjvlbLW5OUij3gZ+kKoVAOJAtNN
 XKQF264hw/CFtw0jnIZhXsEweg==
X-Google-Smtp-Source: ABdhPJx9zXyPoTG24LL5u/z2FwLevt34RottjXs/4Jey4B2pk2xxtWvydin+YAf6smP0oQN+luKELQ==
X-Received: by 2002:a05:6214:2588:: with SMTP id
 fq8mr629096qvb.111.1642042514122; 
 Wed, 12 Jan 2022 18:55:14 -0800 (PST)
Received: from localhost.localdomain ([37.218.244.251])
 by smtp.gmail.com with ESMTPSA id m13sm976151qkk.122.2022.01.12.18.55.11
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 12 Jan 2022 18:55:13 -0800 (PST)
From: Glenn Washburn <development@efficientek.com>
To: Daniel Kiper <dkiper@net-space.pl>,
	grub-devel@gnu.org
Cc: Glenn Washburn <development@efficientek.com>
Subject: [PATCH 0/2] Fix a couple issues in moddep parsing
Date: Wed, 12 Jan 2022 20:54:59 -0600
Message-Id: <cover.1642042033.git.development@efficientek.com>
X-Mailer: git-send-email 2.27.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Host-Lookup-Failed: Reverse DNS lookup failed for 2607:f8b0:4864:20::f35
 (failed)
Received-SPF: pass client-ip=2607:f8b0:4864:20::f35;
 envelope-from=development@efficientek.com; helo=mail-qv1-xf35.google.com
X-Spam_score_int: -10
X-Spam_score: -1.1
X-Spam_bar: -
X-Spam_report: (-1.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RDNS_NONE=0.793,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jan 2022 02:55:20 -0000

The first patch fixes an OOB read bug and the second outputs a less confusing
error to the user when the moddep.lst line is too long. Really it would be
better to support lines of unlimited length, but I'm not motivated to add that.
The condition under which these issues are triggered should never really happen
because no module (currently) has enough dependencies to generate such long
lines in moddep.lst. I was triggering this under some odd conditions where
the all_video module dependency line contained all grub modules. So I think
having a max length for moddep.lst lines is reasonable at this point.

Glenn

Glenn Washburn (2):
  util/resolve.c: Do not read past the end of the array in read_dep_list
  util/resolve.c: Bail with error if moddep lst file line is too long

 util/resolve.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

-- 
2.27.0