[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SECURITY PATCH 113/117] kern/misc: Add STRING type for internal printf(
From: |
Daniel Kiper |
Subject: |
[SECURITY PATCH 113/117] kern/misc: Add STRING type for internal printf() format handling |
Date: |
Tue, 2 Mar 2021 19:02:00 +0100 |
From: Thomas Frauendorfer | Miray Software <tf@miray.de>
Set printf() argument type for "%s" to new type STRING. This is in
preparation for a follow up patch to compare a printf() format string
against an expected printf() format string.
For "%s" the corresponding printf() argument is dereferenced as pointer
while all other argument types are defined as integer value. However,
when validating a printf() format it is necessary to differentiate "%s"
from "%p" and other integers. So, let's do that.
Signed-off-by: Thomas Frauendorfer | Miray Software <tf@miray.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/kern/misc.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c
index c58857ca2..074728b2b 100644
--- a/grub-core/kern/misc.c
+++ b/grub-core/kern/misc.c
@@ -33,7 +33,8 @@ union printf_arg
enum
{
INT, LONG, LONGLONG,
- UNSIGNED_INT = 3, UNSIGNED_LONG, UNSIGNED_LONGLONG
+ UNSIGNED_INT = 3, UNSIGNED_LONG, UNSIGNED_LONGLONG,
+ STRING
} type;
long long ll;
};
@@ -791,12 +792,14 @@ parse_printf_arg_fmt (const char *fmt0, struct
printf_args *args)
args->ptr[curn].type = INT + longfmt;
break;
case 'p':
- case 's':
if (sizeof (void *) == sizeof (long long))
args->ptr[curn].type = UNSIGNED_LONGLONG;
else
args->ptr[curn].type = UNSIGNED_INT;
break;
+ case 's':
+ args->ptr[curn].type = STRING;
+ break;
case 'C':
case 'c':
args->ptr[curn].type = INT;
@@ -831,6 +834,12 @@ parse_printf_args (const char *fmt0, struct printf_args
*args, va_list args_in)
case UNSIGNED_LONGLONG:
args->ptr[n].ll = va_arg (args_in, long long);
break;
+ case STRING:
+ if (sizeof (void *) == sizeof (long long))
+ args->ptr[n].ll = va_arg (args_in, long long);
+ else
+ args->ptr[n].ll = va_arg (args_in, unsigned int);
+ break;
}
}
--
2.11.0
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, (continued)
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, Didier Spaier, 2021/03/02
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, Daniel Kiper, 2021/03/03
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, Lennart Sorensen, 2021/03/03
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, John Paul Adrian Glaubitz, 2021/03/03
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, Lennart Sorensen, 2021/03/03
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, Didier Spaier, 2021/03/03
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, Daniel Kiper, 2021/03/03
- Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, John Paul Adrian Glaubitz, 2021/03/03
[SECURITY PATCH 117/117] kern/mm: Fix grub_debug_calloc() compilation error, Daniel Kiper, 2021/03/02
[SECURITY PATCH 110/117] grub-install-common: Add --sbat option, Daniel Kiper, 2021/03/02
[SECURITY PATCH 113/117] kern/misc: Add STRING type for internal printf() format handling,
Daniel Kiper <=
[SECURITY PATCH 111/117] shim_lock: Only skip loading shim_lock verifier with explicit consent, Daniel Kiper, 2021/03/02
Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, John Paul Adrian Glaubitz, 2021/03/02
Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, Paul Menzel, 2021/03/18