[bug #38800] x86-64: overflowing relocation crashes GRUB
From: qwertial
Subject: [bug #38800] x86-64: overflowing relocation crashes GRUB
Date: Mon, 22 Apr 2013 18:06:45 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31
Follow-up Comment #1, bug #38800 (project grub):
Some other random things discovered by the way:
0. grub-core/gdb_grub needs a correction for 64-bit pointers and data
structures change:
--- grub-core/gdb_grub.in
+++ grub-core/gdb_grub.in
@@ -22,7 +22,7 @@
printf "%s", $mod->name
set $segment = $mod->segment
while ($segment)
- printf " %i 0x%x", $segment->section, $segment->addr
+ printf " %i 0x%lx", $segment->section, $segment->addr
set $segment = $segment->next
end
printf "n"
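Review bot: on the changed `printf " %i 0x%lx"` line, `%lx` only prints the full address where the target's `long` is as wide as its pointers. The description says the fix is for 64-bit pointers and `$segment->addr` is an address, so a pointer conversion such as `%p` (if the gdb versions in use accept it) would state that directly and not depend on the width of `long`. If `%lx` stays, a short comment in the script saying why the `l` is there would help the next reader.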
@@ -61,7 +61,7 @@
define load_all_modules
set $this = grub_dl_head
while ($this != 0)
- dump_module_sections $this->mod
+ dump_module_sections $this
set $this = $this->next
end
match_and_load_symbols
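Review bot: in `load_all_modules`, switching the argument from `$this->mod` to `$this` is a different fix from the format-width change in the first hunk, and the description only mentions it as "data structures change". It should be its own commit, or the message should name the change that made the elements reached from `grub_dl_head` usable as modules directly, since `dump_module_sections` goes on to read `$mod->name` and `$mod->segment` from whatever is passed in. Only this one use of `->mod` is visible here; any other place in the script that still goes through `->mod` needs the same update.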
1. FOR_LIST_ELEMENTS_SAFE is not as safe as it says: it will dereference the
final NULL pointer after assigning it to var, which is mostly harmless without
memory protection, but crashes grub-emu running the help command.
2. Speaking of which, running "help help" crashes because the help command was
registered with a 0 pointer for the parser argument. The NULL check in
grub_arg_show_help() happens too late. This does not seem to do much on real
hardware, though it may access some bogus data.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?38800>
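Item 1 of the comment above, reduced to a constructed C example that is added here and is not GRUB's list code or the reporter's: the macro names, `struct node` and the `next_of` helper are hypothetical. `next_of` counts a NULL access instead of faulting, so the flawed advance step can be observed next to a guarded one.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed example: not GRUB's list.h. All names are hypothetical. */
struct node { struct node *next; int id; };

static int null_derefs;  /* times an advance step touched a NULL node */

/* Stand-in for "(p)->next" that records a NULL access instead of faulting. */
static struct node *next_of(struct node *p)
{
  if (!p) { null_derefs++; return NULL; }
  return p->next;
}

/* Pattern described in the report: the advance step reads var->next
   right after var has been set to the terminating NULL. */
#define EACH_SAFE_BROKEN(var, nxt, list) \
  for ((var) = (list), (nxt) = (var) ? next_of(var) : NULL; (var); \
       (var) = (nxt), (nxt) = next_of(var))

/* Guarded form: only look at var->next when var is non-NULL. */
#define EACH_SAFE(var, nxt, list) \
  for ((var) = (list), (nxt) = (var) ? next_of(var) : NULL; (var); \
       (var) = (nxt), (nxt) = (var) ? next_of(var) : NULL)

/* Walk a 3-node list, unlinking every node as a "safe" loop permits.
   Returns the number of NULL accesses seen; *visited gets the node count. */
static int walk(int guarded, int *visited)
{
  struct node c = { NULL, 3 }, b = { &c, 2 }, a = { &b, 1 };
  struct node *head = &a, *var, *nxt;

  null_derefs = 0;
  *visited = 0;
  if (guarded)
    EACH_SAFE(var, nxt, head) { var->next = NULL; (*visited)++; }
  else
    EACH_SAFE_BROKEN(var, nxt, head) { var->next = NULL; (*visited)++; }
  return null_derefs;
}

int main(void)
{
  int n, bad = walk(0, &n), good = walk(1, &n);
  printf("broken: %d NULL access(es), guarded: %d\n", bad, good);
  return 0;
}
```

Both loops visit all three nodes; only the unguarded advance step touches the terminating NULL, which is the access that faults under a hosted build with memory protection.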