[PATCH] setkey fails and causes GRUB to crash.

bug-grub

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] setkey fails and causes GRUB to crash.

From:	Daniel Pittman
Subject:	[PATCH] setkey fails and causes GRUB to crash.
Date:	09 Oct 2000 23:34:17 +1100
User-agent:	Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.2 (Notus)

It seems that no one must have tried to use the 'setkey' command in GRUB
before today. I finally got around to starting to put together my dvorak
keymap for it[1], I found a nasty bug.

The issues is the table that GRUB uses internally to store the key
names, combined with the nature of the grub_strcmp call.

Anyway, the backtrack for a setkey command is:

,----[ grub setkey backtrace ]
| grub> setkey a o
| Program received signal SIGSEGV, Segmentation fault.
| 0x804b57a in grub_strcmp (s1=0x40178c4f "a", s2=0x0) at char_io.c:1008
| 1008          if (*s1 < *s2)
| (gdb) where
| #0  0x804b57a in grub_strcmp (s1=0x40178c4f "a", s2=0x0) at char_io.c:1008
| #1  0x80556d0 in find_ascii_code (key=0x40178c4f "a") at builtins.c:3202
| #2  0x805573c in setkey_func (arg=0x40178c4f "a", flags=1) at builtins.c:3215
| #3  0x80566c1 in enter_cmdline (heap=0x40178c48 "setkey a", forever=1)
|     at cmdline.c:168
| #4  0x80527ca in cmain () at stage2.c:907
| #5  0x804a606 in init_bios_info () at common.c:282
| #6  0x80495da in doit () at asmstub.c:120
| #7  0x80497d2 in grub_stage2 () at asmstub.c:176
| #8  0x8049596 in main (argc=1, argv=0xbffff914) at main.c:238
| #9  0x40078b8c in __libc_start_main () from /lib/libc.so.6
| (gdb) quit
`----

The issue is that the 'keysym_table' structure uses a NULL (0) value in
the table to store a 'none' item. The code in the 'setkey' function does
not take this into account and blindly passes the NULL pointer into
'grub_strcmp'.

The strcmp routine then dereferences through the NULL pointer with,
well, predictable effects. I have not verified that this bug occurs with
the boot-time GRUB, just the Unix based grub shell.

Code inspection says that the issue would be present at that time also.
The attached patch is a fairly trivial change to the effected routine to
make it test for a NULL pointer before doing the strcmp.

I don't know if this is the right fix but it certainly removes the issue
locally.

        Daniel

Footnotes: 
[1]  Would there be interest in having this contributed back to GRUB
     when I have it - or the script to turn a Linux keymap into a GRUB
     keymap?

txtljAlZGmS2W.txt
Description: Text Data

-- 
Organization and method mean much, but contagious human characters mean more
in a university, where a few undisciplinables ... may be infinitely more
precious than a faculty full of orderly routinists.
        -- William James

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] setkey fails and causes GRUB to crash., Daniel Pittman <=
- Re: [PATCH] setkey fails and causes GRUB to crash., OKUJI Yoshinori, 2000/10/09

Prev by Date: Bug in stage2 loader (stage2/start.S)
Next by Date: changes for 0.5.96.1
Previous by thread: Bug in stage2 loader (stage2/start.S)
Next by thread: Re: [PATCH] setkey fails and causes GRUB to crash.
Index(es):
- Date
- Thread