|
 |
3efed6 |
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
3efed6 |
From: Michael Chang <mchang@suse.com>
|
|
|
3efed6 |
Date: Tue, 18 Feb 2020 18:08:18 +0800
|
|
|
3efed6 |
Subject: [PATCH] verifiers: Fix calling uninitialized function pointer
|
|
|
3efed6 |
|
|
|
3efed6 |
The necessary check for NULL before use of function ver->close is not
|
|
|
3efed6 |
taking place in the failure path. This patch simply adds the missing
|
|
|
3efed6 |
check and fixes the problem that GRUB hangs indefinitely after booting
|
|
|
3efed6 |
rogue image without valid signature if secure boot is turned on.
|
|
|
3efed6 |
|
|
|
3efed6 |
Now it displays like this for booting rogue UEFI image:
|
|
|
3efed6 |
|
|
|
3efed6 |
error: bad shim signature
|
|
|
3efed6 |
error: you need to load the kernel first
|
|
|
3efed6 |
|
|
|
3efed6 |
Press any key to continue...
|
|
|
3efed6 |
|
|
|
3efed6 |
and then you can go back to boot menu by pressing any key or after a few
|
|
|
3efed6 |
seconds expired.
|
|
|
3efed6 |
|
|
|
3efed6 |
Signed-off-by: Michael Chang <mchang@suse.com>
|
|
|
3efed6 |
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
|
|
|
3efed6 |
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
|
|
3efed6 |
---
|
|
|
3efed6 |
grub-core/commands/verifiers.c | 3 ++-
|
|
|
3efed6 |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
3efed6 |
|
|
|
3efed6 |
diff --git a/grub-core/commands/verifiers.c b/grub-core/commands/verifiers.c
|
|
|
b71686 |
index c638d5f43..599d79b75 100644
|
|
|
3efed6 |
--- a/grub-core/commands/verifiers.c
|
|
|
3efed6 |
+++ b/grub-core/commands/verifiers.c
|
|
|
3efed6 |
@@ -196,7 +196,8 @@ grub_verifiers_open (grub_file_t io, enum grub_file_type type)
|
|
|
3efed6 |
return ret;
|
|
|
3efed6 |
|
|
|
3efed6 |
fail:
|
|
|
3efed6 |
- ver->close (context);
|
|
|
3efed6 |
+ if (ver->close)
|
|
|
3efed6 |
+ ver->close (context);
|
|
|
3efed6 |
fail_noclose:
|
|
|
3efed6 |
verified_free (verified);
|
|
|
3efed6 |
grub_free (ret);
|