fs: Prevent overflows when allocating memory for arrays
author Lidong Chen <lidong.chen@oracle.com>
Tue, 21 Jan 2025 19:02:37 +0000 (19:02 +0000)
committer Miao Wang <shankerwangmiao@gmail.com>
Sun, 15 Feb 2026 13:50:20 +0000 (13:50 +0000)
commit 1163d4462d7d3e0dc00757e05b2d90806fbd6ada
tree 6dc7e236d96d8edd8e9dc1b5eb4afd4543851033
parent 0fb51cb39e6470dc92a2d38dbea62d1e3685fc74
fs: Prevent overflows when allocating memory for arrays

Use grub_calloc() when allocating memory for arrays to ensure proper
overflow checks are in place.

The HFS+ and squash4 security vulnerabilities were reported by
Jonathan Bar Or <jonathanbaror@gmail.com>.

Fixes: CVE-2025-0678
Fixes: CVE-2025-1125
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name fs-Prevent-overflows-when-allocating-memory-for-arrays.patch
grub-core/fs/btrfs.c
grub-core/fs/hfspluscomp.c
grub-core/fs/squash4.c
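
The overflow class the commit message refers to, shown as an added example that is not code from this commit or from GRUB: an unchecked `count * size` next to a calloc-style allocation that rejects the wrapped product. The names `unchecked_array_bytes`, `checked_array_bytes` and `checked_calloc` are hypothetical, and the element count is a constructed value.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Unchecked pattern: nmemb * size wraps modulo SIZE_MAX + 1, so a huge
   element count can produce a tiny byte count. */
size_t unchecked_array_bytes(size_t nmemb, size_t size)
{
  return nmemb * size;
}

/* Checked pattern: store the product in *out and return 0, or return -1
   when the product does not fit in size_t. */
int checked_array_bytes(size_t nmemb, size_t size, size_t *out)
{
  if (size != 0 && nmemb > SIZE_MAX / size)
    return -1;
  *out = nmemb * size;
  return 0;
}

/* Hypothetical calloc-style wrapper: refuses to allocate on overflow and
   zeroes the buffer otherwise. */
void *checked_calloc(size_t nmemb, size_t size)
{
  size_t bytes;
  void *p;

  if (checked_array_bytes(nmemb, size, &bytes) != 0)
    return NULL;
  p = malloc(bytes ? bytes : 1);
  if (p != NULL)
    memset(p, 0, bytes);
  return p;
}

int main(void)
{
  /* Constructed value standing in for an element count read from
     untrusted filesystem metadata. */
  size_t count = SIZE_MAX / 8 + 2;
  void *p = checked_calloc(count, 8);

  printf("unchecked size: %zu bytes for %zu elements\n",
         unchecked_array_bytes(count, 8), count);
  printf("checked_calloc: %s\n", p ? "allocated" : "rejected (overflow)");
  free(p);
  return 0;
}
```

With the unchecked product, a later loop over `count` elements would write far past the 8-byte buffer; the checked allocator fails the request instead.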