From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1ppYZT-00062k-23
	for mharc-grub-devel@gnu.org; Thu, 20 Apr 2023 13:59:51 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <lidong.chen@oracle.com>)
 id 1ppYZQ-000620-V3
 for grub-devel@gnu.org; Thu, 20 Apr 2023 13:59:48 -0400
Received: from mx0a-00069f02.pphosted.com ([205.220.165.32])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <lidong.chen@oracle.com>)
 id 1ppYZO-0001ni-Az
 for grub-devel@gnu.org; Thu, 20 Apr 2023 13:59:48 -0400
Received: from pps.filterd (m0246627.ppops.net [127.0.0.1])
 by mx0b-00069f02.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 33KDtb6J009202
 for <grub-devel@gnu.org>; Thu, 20 Apr 2023 17:59:41 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com;
 h=from : to : cc :
 subject : date : message-id : mime-version : content-transfer-encoding;
 s=corp-2023-03-30; bh=kbHU3pZwfgRIUbx5U+o5FUGZuqCcMAI7NmdNtYNCXiE=;
 b=PSl1strD9tki5znxkbo0a2KJKRjJ2k+PjsAPNx5pEpEPkdQALmLxcJGHofXp4x/ksfxp
 ccHzwDJwVVcHmL7VAHwS2/C6XPtFsmLixGX7k5FnBRJuoPd8FR02cN+/wHIMcIw6vLvM
 alKyKcDPyxcDhqrgjAPQ8iE4vh5F55qNgAobhG3S1AnNISnoyTRKIkMMx6bl2lhinM2y
 8iHPilQuO6+kezF7lmvNBn2tiyltlKnTMvdKuvXRZ2fFlKG0fPYK3xPuDqOeWndxglbW
 zx/CC1mhjRsthnDgWoDVRB85wlE2FKd/MfmdGfBGqLoQvK8SIMTxBirmzBJzv0EZjBI/ rg== 
Received: from phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com
 (phxpaimrmta01.appoci.oracle.com [138.1.114.2])
 by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3pyjh1ukxu-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <grub-devel@gnu.org>; Thu, 20 Apr 2023 17:59:41 +0000
Received: from pps.filterd
 (phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1])
 by phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.19/8.17.1.19)
 with ESMTP id 33KGtGtQ011088
 for <grub-devel@gnu.org>; Thu, 20 Apr 2023 17:59:40 GMT
Received: from pps.reinject (localhost [127.0.0.1])
 by phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id
 3pyjc8499d-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <grub-devel@gnu.org>; Thu, 20 Apr 2023 17:59:40 +0000
Received: from phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com
 (phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1])
 by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 33KHxeM9002317
 for <grub-devel@gnu.org>; Thu, 20 Apr 2023 17:59:40 GMT
Received: from localhost
 (lidochen-ol8-1.allregionaliads.osdevelopmeniad.oraclevcn.com
 [100.100.250.72])
 by phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTP id
 3pyjc84990-1; Thu, 20 Apr 2023 17:59:40 +0000
From: Lidong Chen <lidong.chen@oracle.com>
To: grub-devel@gnu.org
Cc: daniel.kiper@oracle.com, lidong.chen@oracle.com
Subject: [PATCH 0/4] Prevent out-of-bound reads 
Date: Thu, 20 Apr 2023 17:59:35 +0000
Message-Id: <cover.1682012254.git.lidong.chen@oracle.com>
X-Mailer: git-send-email 2.31.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22
 definitions=2023-04-20_13,2023-04-20_01,2023-02-09_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0
 adultscore=0
 malwarescore=0 mlxlogscore=441 mlxscore=0 bulkscore=0 phishscore=0
 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2303200000 definitions=main-2304200150
X-Proofpoint-GUID: GyEAjuc2VvNrThergBw_dSApAhmfbvYE
X-Proofpoint-ORIG-GUID: GyEAjuc2VvNrThergBw_dSApAhmfbvYE
Received-SPF: pass client-ip=205.220.165.32;
 envelope-from=lidong.chen@oracle.com; helo=mx0a-00069f02.pphosted.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_MED=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Apr 2023 17:59:49 -0000

This set of patches adds checks to ensure the node
size is valid before accessing it. In addition, error
messages are marked for translation.

Lidong Chen (4):
  fs/hfsplus: Validate btree node size
  fs/hfsplus: Prevent out of bound access in catalog file
  fs/hfsplus: Set grub errno to prevent NULL pointer access
  fs/hfsplus: Mark error strings for translation

 grub-core/fs/hfsplus.c | 49 +++++++++++++++++++++++++++++++-----------
 1 file changed, 36 insertions(+), 13 deletions(-)

-- 
2.39.1