bug-grub
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #45119] Grub-macbless has a buffer overflow

From: Gregory Disney-Leugers
Subject: [bug #45119] Grub-macbless has a buffer overflow
Date: Sun, 17 May 2015 08:09:28 +0000
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Firefox/38.0 
URL:
  <http://savannah.gnu.org/bugs/?45119>

                 Summary: Grub-macbless has a buffer overflow
                 Project: GNU GRUB
            Submitted by: gdl
            Submitted on: Sun 17 May 2015 08:09:27 AM GMT
                Category: Security
                Severity: Major
                Priority: 5 - Normal
              Item Group: Software Error
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: Gregory Disney-Leguers
        Originator Email: address@hidden
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 
                 Release: 2.02~beta1
         Reproducibility: Every Time
         Planned Release: None

    _______________________________________________________

Details:

grub-macbless contains a buffer overflow, due to fprintf() at line 134
at https://github.com/coreos/grub/blame/master/util/grub-macbless.c.
Steps to reproduce:
1. `/usr/sbin/grub-macbless --x86 `perl -e 'print "A"x1024 .
"\xfc\xff\xff\xff"x2`
2. gdb /usr/sbin/grub-macbless core.2067 Expected result: Segmentation
Fault caused by buffer overflow.




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?45119>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]