Accepting request 250411 from home:arvidjaar:grub2-next

- update translations
- fix possible access to uninitialized pointer in linux loader
  * add grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch
  * drop superceded grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch

OBS-URL: https://build.opensuse.org/request/show/250411
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=118

grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch

@@ -0,0 +1,134 @@
+From c1be7e90be547f6e3f2d7a5c0519f2efa31f495b Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Wed, 17 Sep 2014 16:30:11 -0400
+Subject: [PATCH] Initialized initrd_ctx so we don't free a random pointer from
+ the stack.
+
+Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
+into grub_initrd_close() without grub_initrd_init() being called, and thus
+it never clears initrd_ctx->components.  grub_initrd_close() then frees that
+address, which is stale data from the stack.  If the stack happens to have a
+stale *address* there that matches a recent allocation, then you'll get a
+double free later.
+
+So initialize the memory up front.
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ grub-core/loader/arm/linux.c              | 2 +-
+ grub-core/loader/arm64/linux.c            | 2 +-
+ grub-core/loader/i386/linux.c             | 2 +-
+ grub-core/loader/i386/pc/linux.c          | 2 +-
+ grub-core/loader/ia64/efi/linux.c         | 2 +-
+ grub-core/loader/mips/linux.c             | 2 +-
+ grub-core/loader/powerpc/ieee1275/linux.c | 2 +-
+ grub-core/loader/sparc64/ieee1275/linux.c | 2 +-
+ 8 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/grub-core/loader/arm/linux.c b/grub-core/loader/arm/linux.c
+index e6770d9..62cbe75 100644
+--- a/grub-core/loader/arm/linux.c
++++ b/grub-core/loader/arm/linux.c
+@@ -396,7 +396,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
+ {
+   grub_file_t file;
+   grub_size_t size = 0;
+-  struct grub_linux_initrd_context initrd_ctx;
++  struct grub_linux_initrd_context initrd_ctx = { 0, };
+ 
+   if (argc == 0)
+     return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
+diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
+index f1d10a1..0dc144e 100644
+--- a/grub-core/loader/arm64/linux.c
++++ b/grub-core/loader/arm64/linux.c
+@@ -328,7 +328,7 @@ static grub_err_t
+ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
+ 		 int argc, char *argv[])
+ {
+-  struct grub_linux_initrd_context initrd_ctx;
++  struct grub_linux_initrd_context initrd_ctx = { 0, };
+   int initrd_size, initrd_pages;
+   void *initrd_mem = NULL;
+ 
+diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
+index 31fb91e..2ae1763 100644
+--- a/grub-core/loader/i386/linux.c
++++ b/grub-core/loader/i386/linux.c
+@@ -1050,7 +1050,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
+   grub_addr_t addr_min, addr_max;
+   grub_addr_t addr;
+   grub_err_t err;
+-  struct grub_linux_initrd_context initrd_ctx;
++  struct grub_linux_initrd_context initrd_ctx = { 0, };
+ 
+   if (argc == 0)
+     {
+diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
+index 672c013..b481e46 100644
+--- a/grub-core/loader/i386/pc/linux.c
++++ b/grub-core/loader/i386/pc/linux.c
+@@ -388,7 +388,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
+   grub_uint8_t *initrd_chunk;
+   grub_addr_t initrd_addr;
+   grub_err_t err;
+-  struct grub_linux_initrd_context initrd_ctx;
++  struct grub_linux_initrd_context initrd_ctx = { 0, };
+ 
+   if (argc == 0)
+     {
+diff --git a/grub-core/loader/ia64/efi/linux.c b/grub-core/loader/ia64/efi/linux.c
+index 87ac49f..eb78e6e 100644
+--- a/grub-core/loader/ia64/efi/linux.c
++++ b/grub-core/loader/ia64/efi/linux.c
+@@ -568,7 +568,7 @@ static grub_err_t
+ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
+ 		 int argc, char *argv[])
+ {
+-  struct grub_linux_initrd_context initrd_ctx;
++  struct grub_linux_initrd_context initrd_ctx = { 0, };
+ 
+   if (argc == 0)
+     {
+diff --git a/grub-core/loader/mips/linux.c b/grub-core/loader/mips/linux.c
+index ef64a5b..4a3e8c5 100644
+--- a/grub-core/loader/mips/linux.c
++++ b/grub-core/loader/mips/linux.c
+@@ -415,7 +415,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
+   void *initrd_src;
+   grub_addr_t initrd_dest;
+   grub_err_t err;
+-  struct grub_linux_initrd_context initrd_ctx;
++  struct grub_linux_initrd_context initrd_ctx = { 0, };
+ 
+   if (argc == 0)
+     return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
+diff --git a/grub-core/loader/powerpc/ieee1275/linux.c b/grub-core/loader/powerpc/ieee1275/linux.c
+index 4a14f66..787d7dc 100644
+--- a/grub-core/loader/powerpc/ieee1275/linux.c
++++ b/grub-core/loader/powerpc/ieee1275/linux.c
+@@ -333,7 +333,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
+   grub_size_t size = 0;
+   grub_addr_t first_addr;
+   grub_addr_t addr;
+-  struct grub_linux_initrd_context initrd_ctx;
++  struct grub_linux_initrd_context initrd_ctx = { 0, };
+ 
+   if (argc == 0)
+     {
+diff --git a/grub-core/loader/sparc64/ieee1275/linux.c b/grub-core/loader/sparc64/ieee1275/linux.c
+index de6ee2f..c5e8dfa 100644
+--- a/grub-core/loader/sparc64/ieee1275/linux.c
++++ b/grub-core/loader/sparc64/ieee1275/linux.c
+@@ -373,7 +373,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
+   grub_addr_t paddr;
+   grub_addr_t addr;
+   int ret;
+-  struct grub_linux_initrd_context initrd_ctx;
++  struct grub_linux_initrd_context initrd_ctx = { 0, };
+ 
+   if (argc == 0)
+     {
+-- 
+1.8.4.5
+

grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch

@@ -1,35 +0,0 @@
-From c7fbe6c1ae22ac9853b03a3d4d742712f31e69b9 Mon Sep 17 00:00:00 2001
-From: Ram Pai <linuxram@us.ibm.com>
-Date: Tue, 25 Feb 2014 23:31:06 +0000
-Subject: [PATCH 23/23] grub segfaults if initrd is specified before specifying
-
- grub segfaults if initrd is specified before specifying
- the kernel. The problem is the initrd module sees that kernel is not
- specified and takes the fail path. In the fail path it checks if anything has
- be malloc'ed. Unfortunately the variable that it looks to check for is a
- uninitialized stack variable. The stack variable can incorrectly indicate
- something is malloced, which leads the module to free some unallocated
- memory. This patch fixes the problem by initializing the stack variable.
-
-Signed-off-by: Ram Pai <linuxram@us.ibm.com>
----
- grub-core/loader/powerpc/ieee1275/linux.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/grub-core/loader/powerpc/ieee1275/linux.c b/grub-core/loader/powerpc/ieee1275/linux.c
-index 9dde053..0d94433 100644
---- a/grub-core/loader/powerpc/ieee1275/linux.c
-+++ b/grub-core/loader/powerpc/ieee1275/linux.c
-@@ -335,6 +335,10 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
-   grub_addr_t addr;
-   struct grub_linux_initrd_context initrd_ctx;
- 
-+  // initialize, otherwise the fail path will try to
-+  // free up data and segfault
-+  initrd_ctx.components = NULL;
-+
-   if (argc == 0)
-     {
-       grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
--- 
-1.8.3.1

grub2.changes

@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Sun Sep 21 06:47:12 UTC 2014 - arvidjaar@gmail.com
+
+- update translations
+- fix possible access to uninitialized pointer in linux loader
+  * add grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch
+  * drop superceded grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch
+
 -------------------------------------------------------------------
 Thu Sep 18 09:55:57 UTC 2014 - mchang@suse.com
 

grub2.spec

@@ -116,7 +116,7 @@ Source2:        grub.default
 Source3:        README.openSUSE
 Source4:        grub2.rpmlintrc
 # rsync -Lrtvz  translationproject.org::tp/latest/grub/ po
-Source5:        translations-20130626.tar.xz
+Source5:        translations-20140921.tar.xz
 Source6:        grub2-once
 Source7:        20_memtest86+
 Source10:       openSUSE-UEFI-CA-Certificate.crt
@@ -155,6 +155,7 @@ Patch43:        grub2-mkconfig-aarch64.patch
 Patch44:        grub2-glibc-2.20.patch
 Patch45:        grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch
 Patch46:        grub2-xen-legacy-config-device-name.patch
+Patch47:        grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch
 # Btrfs snapshot booting related patches
 Patch101:       grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
 Patch102:       grub2-btrfs-02-export-subvolume-envvars.patch
@@ -184,7 +185,6 @@ Patch219:       grub2-ppc64le-19-Use-FUNC_START-FUNC_END-for-powerpc-function-de
 Patch220:       grub2-ppc64le-20-.TOC.-symbol-is-special-in-ppc64le-.-It-maps-to-the-.patch
 Patch221:       grub2-ppc64le-21-the-.toc-section-in-powerpc64le-modules-are-sometime.patch
 Patch222:       grub2-ppc64le-22-all-parameter-to-firmware-calls-should-to-be-BigEndi.patch
-Patch223:       grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch
 Patch224:       grub2-ppc64-build-ppc64-32bit.patch
 Patch225:       grub2-ppc64-qemu.patch
 Patch226:       grub2-ppc64le-timeout.patch
@@ -360,6 +360,7 @@ mv po/grub.pot po/%{name}.pot
 %patch44 -p1
 %patch45 -p1
 %patch46 -p1
+%patch47 -p1
 %patch101 -p1
 %patch102 -p1
 %patch103 -p1
@@ -387,7 +388,6 @@ mv po/grub.pot po/%{name}.pot
 %patch220 -p1
 %patch221 -p1
 %patch222 -p1
-%patch223 -p1
 %patch224 -p1
 %patch225 -p1
 %patch226 -p1

translations-20130626.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ac9fa5275d31678601503640145f329e37142f6d11681a790922926a98e67900
-size 431820

translations-20140921.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:36885e7f4039a2634a0abeca7f8ab631c32abc5977119eb33c06c752fb3cecc5
+size 516764