[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] Fix unallocated memory access in insert_string
|
From: |
Andrey Borzenkov |
|
Subject: |
[PATCH] Fix unallocated memory access in insert_string |
|
Date: |
Tue, 19 Feb 2013 20:23:52 +0400 |
When appending string at the end, there is nothing to shift down and
(screen->line + 2) points beyond allocated array.
Signed-off-by: Andrey Borzenkov <address@hidden>
---
ChangeLog | 5 +++++
grub-core/normal/menu_entry.c | 11 ++++++-----
2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 654ebcb..2be5967 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2013-02-19 Andrey Borzenkov <address@hidden>
+
+ * grub-core/normal/menu_entry.c (insert_string): fix off by one
+ access to unallocated memory.
+
2013-02-19 Paulo Flabiano Smorigo <address@hidden>
Support Openfirmware disks with non-512B sectors.
diff --git a/grub-core/normal/menu_entry.c b/grub-core/normal/menu_entry.c
index 7cd67f3..85f97da 100644
--- a/grub-core/normal/menu_entry.c
+++ b/grub-core/normal/menu_entry.c
@@ -393,11 +393,12 @@ insert_string (struct screen *screen, const char *s, int
update)
if (! screen->lines)
return 0;
- /* Scroll down. */
- grub_memmove (screen->lines + screen->line + 2,
- screen->lines + screen->line + 1,
- ((screen->num_lines - screen->line - 2)
- * sizeof (struct line)));
+ /* Shift down if not appending after the last line. */
+ if (screen->line < screen->num_lines - 2)
+ grub_memmove (screen->lines + screen->line + 2,
+ screen->lines + screen->line + 1,
+ ((screen->num_lines - screen->line - 2)
+ * sizeof (struct line)));
if (! init_line (screen, screen->lines + screen->line + 1))
return 0;
--
tg: (cc35b49..) fu/insert_string-unallocated-memory (depends on: master)
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [PATCH] Fix unallocated memory access in insert_string,
Andrey Borzenkov <=