[bug #38800] x86-64: overflowing relocation crashes GRUB

[qwertial]

Follow-up Comment #1, bug #38800 (project grub):

Some other random things discovered by the way:

0. grub-core/gdb_grub needs a correction for 64-bit pointers and data
structures change:


--- grub-core/gdb_grub.in
+++ grub-core/gdb_grub.in
@@ -22,7 +22,7 @@
        printf "%s", $mod->name
        set $segment = $mod->segment
        while ($segment)
-               printf " %i 0x%x", $segment->section, $segment->addr
+               printf " %i 0x%lx", $segment->section, $segment->addr
                set $segment = $segment->next
        end
        printf "n"
@@ -61,7 +61,7 @@
 define load_all_modules
        set $this = grub_dl_head
        while ($this != 0)
-               dump_module_sections $this->mod
+               dump_module_sections $this
                set $this = $this->next
        end
        match_and_load_symbols


1. FOR_LIST_ELEMENTS_SAFE is not as safe as it says: it will dereference the
final NULL pointer after assigning it to var. Which is mostly harmless without
memory protection, but crashes grub-emu running the help command.

2. Speaking of which, running "help help" crashes because the help command was
registered with a 0 pointer for the parser argument. The NULL check in
grub_arg_show_help() happens too late. This does not seem to do much on real
hardware, though it may access some bogus data.

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?38800>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/