bug-grub
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #33422] acorn.c: buffer access out of bounds

From: David Volgyes
Subject: [bug #33422] acorn.c: buffer access out of bounds
Date: Sun, 29 May 2011 08:19:22 +0000
User-agent: Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 
URL:
  <http://savannah.gnu.org/bugs/?33422>

                 Summary: acorn.c: buffer access out of bounds
                 Project: GNU GRUB
            Submitted by: dvolgyes
            Submitted on: Sun 29 May 2011 08:19:21 AM GMT
                Category: Disk &amp; Partition
                Severity: Major
                Priority: 5 - Normal
              Item Group: Software Error
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 
                 Release: Bazaar - trunk
         Reproducibility: Every Time
         Planned Release: None

    _______________________________________________________

Details:

In tar.gz of 1.99rc2 version:
At grub-core/partmap/acorn.c:74
a for-loop tries to access 0x1ff elements in an array
(boot.misc) which has only 0x1c0.
(See grub_acorn_boot_block at the beginning of the same file.)

(Found with cppcheck 1.47.)

I do not know what is the expected behavior of this code-fragments but I am
quite sure that this is a serious bug.





    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?33422>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]