From c7fbe6c1ae22ac9853b03a3d4d742712f31e69b9 Mon Sep 17 00:00:00 2001 From: Ram Pai Date: Tue, 25 Feb 2014 23:31:06 +0000 Subject: [PATCH 23/23] grub segfaults if initrd is specified before specifying grub segfaults if initrd is specified before specifying the kernel. The problem is the initrd module sees that kernel is not specified and takes the fail path. In the fail path it checks if anything has be malloc'ed. Unfortunately the variable that it looks to check for is a uninitialized stack variable. The stack variable can incorrectly indicate something is malloced, which leads the module to free some unallocated memory. This patch fixes the problem by initializing the stack variable. Signed-off-by: Ram Pai
---
 grub-core/loader/powerpc/ieee1275/linux.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/grub-core/loader/powerpc/ieee1275/linux.c b/grub-core/loader/powerpc/ieee1275/linux.c
index 9dde053..0d94433 100644
--- a/grub-core/loader/powerpc/ieee1275/linux.c
+++ b/grub-core/loader/powerpc/ieee1275/linux.c
@@ -335,6 +335,10 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
 grub_addr_t addr;
 struct grub_linux_initrd_context initrd_ctx;
+ // initialize, otherwise the fail path will try to
+ // free up data and segfault
+ initrd_ctx.components = NULL;
+
 if (argc == 0) { grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
--
1.8.3.1
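Review bot: Only `components` is initialized, so any other member of `struct grub_linux_initrd_context` that the fail path or its cleanup helper reads is still uninitialized stack data when it is reached early. Zeroing the whole struct at its declaration, `struct grub_linux_initrd_context initrd_ctx = {0};`, covers every member and makes the separate assignment unnecessary. An uninitialized pointer reaching a free routine is memory corruption and not only a crash, so the comment would be more accurate as `/* Zero the context: the fail path frees initrd_ctx.components. */`. The fail path and the rest of grub_cmd_initrd lie outside this hunk, so which members it reads is inferred from the commit message; other loaders that declare the same context type may need the same initialization and are worth checking.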