nalika / rpms / grub2

Forked from rpms/grub2 2 years ago
Clone

Blame SOURCES/0456-disk-lvm-Do-not-crash-if-an-expected-string-is-not-f.patch

80913e
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
80913e
From: Daniel Axtens <dja@axtens.net>
80913e
Date: Thu, 21 Jan 2021 18:35:22 +1100
80913e
Subject: [PATCH] disk/lvm: Do not crash if an expected string is not found
80913e
80913e
Clean up a bunch of cases where we could have strstr() fail and lead to
80913e
us dereferencing NULL.
80913e
80913e
We'll still leak memory in some cases (loops don't clean up allocations
80913e
from earlier iterations if a later iteration fails) but at least we're
80913e
not crashing.
80913e
80913e
Signed-off-by: Daniel Axtens <dja@axtens.net>
80913e
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
80913e
---
80913e
 grub-core/disk/lvm.c | 22 +++++++++++++++++-----
80913e
 1 file changed, 17 insertions(+), 5 deletions(-)
80913e
80913e
diff --git a/grub-core/disk/lvm.c b/grub-core/disk/lvm.c
80913e
index 1e80137c452..03587e744dc 100644
80913e
--- a/grub-core/disk/lvm.c
80913e
+++ b/grub-core/disk/lvm.c
80913e
@@ -541,7 +541,16 @@ error_parsing_metadata:
80913e
 			}
80913e
 
80913e
 		      if (seg->node_count != 1)
80913e
-			seg->stripe_size = grub_lvm_getvalue (&p, "stripe_size = ");
80913e
+			{
80913e
+			  seg->stripe_size = grub_lvm_getvalue (&p, "stripe_size = ");
80913e
+			  if (p == NULL)
80913e
+			    {
80913e
+#ifdef GRUB_UTIL
80913e
+			      grub_util_info ("unknown stripe_size");
80913e
+#endif
80913e
+			      goto lvs_segment_fail;
80913e
+			    }
80913e
+			}
80913e
 
80913e
 		      seg->nodes = grub_calloc (seg->node_count,
80913e
 						sizeof (*stripe));
80913e
@@ -561,7 +570,7 @@ error_parsing_metadata:
80913e
 			{
80913e
 			  p = grub_strchr (p, '"');
80913e
 			  if (p == NULL)
80913e
-			    continue;
80913e
+			    goto lvs_segment_fail2;
80913e
 			  q = ++p;
80913e
 			  while (*q != '"')
80913e
 			    q++;
80913e
@@ -580,7 +589,10 @@ error_parsing_metadata:
80913e
 			  stripe->start = grub_lvm_getvalue (&p, ",")
80913e
 			    * vg->extent_size;
80913e
 			  if (p == NULL)
80913e
-			    continue;
80913e
+			    {
80913e
+			      grub_free (stripe->name);
80913e
+			      goto lvs_segment_fail2;
80913e
+			    }
80913e
 
80913e
 			  stripe++;
80913e
 			}
80913e
@@ -617,7 +629,7 @@ error_parsing_metadata:
80913e
 
80913e
 			  p = grub_strchr (p, '"');
80913e
 			  if (p == NULL)
80913e
-			    continue;
80913e
+			    goto lvs_segment_fail2;
80913e
 			  q = ++p;
80913e
 			  while (*q != '"')
80913e
 			    q++;
80913e
@@ -705,7 +717,7 @@ error_parsing_metadata:
80913e
 			  p = p ? grub_strchr (p + 1, '"') : 0;
80913e
 			  p = p ? grub_strchr (p + 1, '"') : 0;
80913e
 			  if (p == NULL)
80913e
-			    continue;
80913e
+			    goto lvs_segment_fail2;
80913e
 			  q = ++p;
80913e
 			  while (*q != '"')
80913e
 			    q++;