grub-devel.gnu.org archive mirror
* [PATCH v0] Fix double-free introduced by commit 33d02a42d64cf06cada1c389e5abba4b9d196cc5
@ 2013-12-13 19:00 Jon McCune
From: Jon McCune @ 2013-12-13 19:00 UTC (permalink / raw)
  To: grub-devel; +Cc: Jon McCune

To reproduce the problem, make sure you have a GPG public key available, build and install GRUB:
grub-install --debug --debug-image="all" --pubkey=/boot/pubkey.gpg --modules="serial terminfo gzio search search_label search_fs_uuid search_fs_file linux vbe video_fb video mmap relocator verify gcry_rsa gcry_dsa gcry_sha256 hashsum gcry_sha1 mpi echo loadenv boottime" /dev/sda
Sign all the files in /boot/grub/* and reboot.

I tested in a QEMU VM using an i386 target.  I was *not* able to successfully test the changes to the compression routines with 'make check'.  If somebody else could do that, it would be much appreciated.

Signed-off-by: Jon McCune <jonmccune@google.com>
---
 grub-core/commands/verify.c | 1 +
 grub-core/io/gzio.c         | 1 +
 grub-core/io/lzopio.c       | 1 +
 grub-core/io/xzio.c         | 1 +
 grub-core/kern/file.c       | 1 +
 5 files changed, 5 insertions(+)

diff --git a/grub-core/commands/verify.c b/grub-core/commands/verify.c
index dbe7e83..e14e07c 100644
--- a/grub-core/commands/verify.c
+++ b/grub-core/commands/verify.c
@@ -885,6 +885,7 @@ grub_pubkey_open (grub_file_t io, const char *filename)
   if (err)
     return NULL;
   io->device = 0;
+  io->name = 0;
   grub_file_close (io);
   return ret;
 }
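Review bot: the new `io->name = 0;` in grub_pubkey_open has no comment saying where the string went, so a reader cannot tell a deliberate hand-off from a leak. It sits beside `io->device = 0;` directly before `grub_file_close (io)`, which suggests both fields now belong to `ret`; please say so in a one-line comment above the pair. The clearing also happens only after `if (err) return NULL;`, so confirm that the early-return path does not leave `io->name` with two owners.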
diff --git a/grub-core/io/gzio.c b/grub-core/io/gzio.c
index 59ad6da..af222a8 100644
--- a/grub-core/io/gzio.c
+++ b/grub-core/io/gzio.c
@@ -1259,6 +1259,7 @@ grub_gzio_close (grub_file_t file)
 
   /* No need to close the same device twice.  */
   file->device = 0;
+  file->name = 0;
 
   return grub_errno;
 }
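Review bot: in grub_gzio_close, `file->name = 0;` drops the pointer without freeing it, which is only correct if another file object still holds the same string. The existing comment, "No need to close the same device twice.", covers the device only. Extend it to name the owner of `file->name`, so that nobody later treats this as a leak, adds a grub_free here and brings back the double free.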
diff --git a/grub-core/io/lzopio.c b/grub-core/io/lzopio.c
index 2895e21..0606d41 100644
--- a/grub-core/io/lzopio.c
+++ b/grub-core/io/lzopio.c
@@ -525,6 +525,7 @@ grub_lzopio_close (grub_file_t file)
 
   /* Device must not be closed twice.  */
   file->device = 0;
+  file->name = 0;
   return grub_errno;
 }
 
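Review bot: the line added to grub_lzopio_close makes this another copy of the same two-statement sequence (`file->device = 0;` then `file->name = 0;`) that the patch also creates in grub_gzio_close, grub_xzio_close and grub_pubkey_open. Consider a small shared helper for detaching these fields, so that the next field which must not be released twice is handled in one place rather than in each I/O filter. The comment "Device must not be closed twice." should also mention the name.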
diff --git a/grub-core/io/xzio.c b/grub-core/io/xzio.c
index bcce242..10eb595 100644
--- a/grub-core/io/xzio.c
+++ b/grub-core/io/xzio.c
@@ -319,6 +319,7 @@ grub_xzio_close (grub_file_t file)
 
   /* Device must not be closed twice.  */
   file->device = 0;
+  file->name = 0;
   return grub_errno;
 }
 
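Review bot: the `file->name = 0;` added to grub_xzio_close is in code that the cover text says could not be exercised with 'make check'. Before this is merged, a test that opens and closes an xz-compressed file should be run, and likewise for the gzio and lzopio paths, since a missing or extra free here only shows up at close time.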
diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c
index 24da12b..9083e4f 100644
--- a/grub-core/kern/file.c
+++ b/grub-core/kern/file.c
@@ -188,6 +188,7 @@ grub_file_close (grub_file_t file)
   if (file->device)
     grub_device_close (file->device);
   grub_free (file->name);
+  file->name = 0;
   grub_free (file);
   return grub_errno;
 }
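Review bot: in grub_file_close, `file->name = 0;` is stored into `file` on the line directly before `grub_free (file)`, so nothing can legitimately read the cleared field afterwards. It cannot prevent a second free: a caller that still holds `file` and touches `file->name` is already using freed memory. Either drop this line or mark it in a comment as purely defensive. Clearing the field before calling grub_file_close, as the verify.c hunk does, is the change that has an effect on `grub_free (file->name)`.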
-- 
1.8.5.1


