osdep/unix/getroot: Fix potential underflow

The entry_len is initialized in grub_find_root_devices_from_mountinfo()
to 0 before the while loop iterates through /proc/self/mountinfo. If the
file is empty or contains only invalid entries entry_len remains
0 causing entry_len - 1 in the subsequent for loop initialization
to underflow. To prevent this add a check to ensure entry_len > 0 before
entering the for loop.

Fixes: CID 473877
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name osdep-unix-getroot-Fix-potential-underflow.patch

diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c
index b4e279f6bceaf2582b849d73e845a3e57c330d08..e8237066b3a7248ee86c60a0b76fd802bda6c971 100644 (file)
--- a/grub-core/osdep/linux/getroot.c
+++ b/grub-core/osdep/linux/getroot.c
@@ -484,6 +484,9 @@ again:
        }
     }
 
+  if (!entry_len)
+    goto out;
+
   /* Now scan visible mounts for the ones we're interested in.  */
   for (i = entry_len - 1; i >= 0; i--)
     {