packages/grub2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lib/libtasn1: Fix ETYPE_OK off by one array size check

Browse Source 
Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
(cherry picked from commit 4155120fe548cfc7cff865d1b938514a7d25da28)
This commit is contained in:
Qiumiao Zhang 2024-06-05 02:03:28 +00:00 committed by openeuler-sync-bot
parent 198399db9c
commit 2809f32357
3 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
backport-CVE-2021-46848-lib-libtasn1-Fix-ETYPE_OK-off-by-one-array.patch Normal file
View File

@ -0,0 +1,29 @@
From 3395407f083eae362637d7a29e31c97008a57f4f Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Wed, 17 Aug 2022 12:25:06 +0200
Subject: [PATCH] lib/libtasn1: Fix ETYPE_OK off by one array size check
Reported by David Trabish in
<https://gitlab.com/gnutls/libtasn1/-/issues/32>.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
---
grub-core/lib/libtasn1/lib/int.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/lib/libtasn1/lib/int.h b/grub-core/lib/libtasn1/lib/int.h
index edfe84a..c15bfa6 100644
--- a/grub-core/lib/libtasn1/lib/int.h
+++ b/grub-core/lib/libtasn1/lib/int.h
@@ -97,7 +97,7 @@ typedef struct tag_and_class_st
# define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
# define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
# define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
- (etype) <= _asn1_tags_size && \
+ (etype) < _asn1_tags_size && \
_asn1_tags[(etype)].desc != NULL)?1:0)
# define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \
--
2.33.0

1
grub.patches
View File

@ -232,3 +232,4 @@ Patch231: loongarch64-fix-GRUB_EFI_MAX_ALLOCATION_ADDRESS-unde.patch
Patch232: modify-efi_max_usable-addr.patch
Patch233: LoongArch-Add-back-compatibility-for-linux-kernel.patch
Patch234: Fix-that-patch-28dcf48482-introduced-old-code.patch
Patch235: backport-CVE-2021-46848-lib-libtasn1-Fix-ETYPE_OK-off-by-one-array.patch

8
grub2.spec
View File

@ -14,7 +14,7 @@
Name: grub2
Epoch: 1
Version: 2.12
Release: 14
Release: 15
Summary: Bootloader with support for Linux, Multiboot and more
License: GPLv3+
URL: http://www.gnu.org/software/grub/
@ -447,6 +447,12 @@ fi
%{_datadir}/man/man*
%changelog
* Wed Jun 5 2024 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.12-15
- Type:CVE
- CVE:CVE-2021-46848
- SUG:NA
- DESC:lib/libtasn1: Fix ETYPE_OK off by one array size check
* Tue May 28 2024 liuxue <liuxue@loongson.cn> - 1:2.12-14
- Type:bugfix
- CVE:NA