grub-devel.gnu.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] grub-file: fix segmentation fault
@ 2016-04-08  6:43 Michael Chang
  2016-04-09  4:01 ` Andrei Borzenkov
  0 siblings, 1 reply; 5+ messages in thread
From: Michael Chang @ 2016-04-08  6:43 UTC (permalink / raw)
  To: grub-devel

In grub_file_open the file handle returned by file filters has no file->name
set which leads to segmentation fault later referenced by grub_elf_file. We
move the file->name value assignment after file filters to make sure it will be
set and returned.

The stack backtrace for reference.

 gdb --args ./grub-file --is-x86_64-xen-domu /boot/vmlinux-4.1.12-1-default.gz

 (gdb) bt
 #0  0x000000000047597e in grub_strlen (s=0x0) at ../grub-core/kern/misc.c:558
 #1  0x00000000004757e2 in grub_strdup (s=0x0) at ../grub-core/kern/misc.c:463
 #2  0x0000000000406418 in grub_elf_file (file=0x6dfb50, filename=0x0) at ../grub-core/kern/elf.c:89
 #3  0x00000000004043b3 in grub_xen_file (file=0x6dfb50) at ../grub-core/loader/i386/xen_file.c:29
 #4  0x0000000000403930 in grub_cmd_file (ctxt=0x7fffffffe120, argc=1, args=0x6dfa00) at ../grub-core/commands/file.c:425
 #5  0x000000000047e178 in grub_extcmd_dispatcher (cmd=0x6df730, argc=2, args=0x6ddfb0, script=0x0) at ../grub-core/commands/extcmd.c:54
 #6  0x000000000047e1d7 in grub_extcmd_dispatch (cmd=0x6df730, argc=2, args=0x6ddfb0) at ../grub-core/commands/extcmd.c:67
 #7  0x0000000000402945 in main (argc=3, argv=0x7fffffffe2e8) at ../util/grub-file.c:102
 (gdb) frame 3
 #3  0x00000000004043b3 in grub_xen_file (file=0x6dfb50) at ../grub-core/loader/i386/xen_file.c:29
 29        elf = grub_elf_file (file, file->name);
---
 grub-core/kern/file.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/grub-core/kern/file.c b/grub-core/kern/file.c
index 668f893..44047d7 100644
--- a/grub-core/kern/file.c
+++ b/grub-core/kern/file.c
@@ -111,9 +111,6 @@ grub_file_open (const char *name)
   if ((file->fs->open) (file, file_name) != GRUB_ERR_NONE)
     goto fail;
 
-  file->name = grub_strdup (name);
-  grub_errno = GRUB_ERR_NONE;
-
   for (filter = 0; file && filter < ARRAY_SIZE (grub_file_filters_enabled);
        filter++)
     if (grub_file_filters_enabled[filter])
@@ -123,7 +120,12 @@ grub_file_open (const char *name)
       }
   if (!file)
     grub_file_close (last_file);
-    
+  else
+    {
+      file->name = grub_strdup (name);
+      grub_errno = GRUB_ERR_NONE;
+    }
+
   grub_memcpy (grub_file_filters_enabled, grub_file_filters_all,
 	       sizeof (grub_file_filters_enabled));
 
-- 
2.6.2



^ permalink raw reply related	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2016-04-12  6:39 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-04-08  6:43 [PATCH] grub-file: fix segmentation fault Michael Chang
2016-04-09  4:01 ` Andrei Borzenkov
2016-04-11  4:00   ` Michael Chang
2016-04-11  9:28     ` Andrei Borzenkov
2016-04-12  6:39       ` Michael Chang

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).