dcavalca / rpms / grub2

Forked from rpms/grub2 3 years ago
Clone

Blame SOURCES/0425-util-grub-editenv-Fix-incorrect-casting-of-a-signed-.patch

9723a8
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
9723a8
From: Darren Kenny <darren.kenny@oracle.com>
9723a8
Date: Thu, 5 Nov 2020 14:33:50 +0000
9723a8
Subject: [PATCH] util/grub-editenv: Fix incorrect casting of a signed value
9723a8
9723a8
The return value of ftell() may be negative (-1) on error. While it is
9723a8
probably unlikely to occur, we should not blindly cast to an unsigned
9723a8
value without first testing that it is not negative.
9723a8
9723a8
Fixes: CID 73856
9723a8
9723a8
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
9723a8
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
9723a8
---
9723a8
 util/grub-editenv.c | 8 +++++++-
9723a8
 1 file changed, 7 insertions(+), 1 deletion(-)
9723a8
9723a8
diff --git a/util/grub-editenv.c b/util/grub-editenv.c
9723a8
index 2918bb71cfe..e9011e0fbde 100644
9723a8
--- a/util/grub-editenv.c
9723a8
+++ b/util/grub-editenv.c
9723a8
@@ -128,6 +128,7 @@ open_envblk_file (const char *name)
9723a8
 {
9723a8
   FILE *fp;
9723a8
   char *buf;
9723a8
+  long loc;
9723a8
   size_t size;
9723a8
   grub_envblk_t envblk;
9723a8
 
9723a8
@@ -146,7 +147,12 @@ open_envblk_file (const char *name)
9723a8
     grub_util_error (_("cannot seek `%s': %s"), name,
9723a8
 		     strerror (errno));
9723a8
 
9723a8
-  size = (size_t) ftell (fp);
9723a8
+  loc = ftell (fp);
9723a8
+  if (loc < 0)
9723a8
+    grub_util_error (_("cannot get file location `%s': %s"), name,
9723a8
+		     strerror (errno));
9723a8
+
9723a8
+  size = (size_t) loc;
9723a8
 
9723a8
   if (fseek (fp, 0, SEEK_SET) < 0)
9723a8
     grub_util_error (_("cannot seek `%s': %s"), name,