[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 1/1] Fix integer overflow at left shift expression on i386-pc
|
From: |
Maxim Fomin |
|
Subject: |
[PATCH v2 1/1] Fix integer overflow at left shift expression on i386-pc platform |
|
Date: |
Sat, 17 Dec 2022 18:22:35 +0000 |
>From 5db28aa0cb98e906adc7cb735bfa1979ce32c228 Mon Sep 17 00:00:00 2001
From: Maxim Fomin <maxim@fomin.one>
Date: Sat, 17 Dec 2022 18:11:34 +0000
Subject: [PATCH v2 1/1] Fix integer overflow at left shift expression on
i386-pc platform.
In case of large partitions (>1TiB) left shift
expression with unsigned 'length' object and
signed GRUB_DISK_SECTOR_BITS macro may cause
integer overflow making calculated partition
size less than true value. This issue is fixed
by increasing the size of 'length' integer type
and casting GRUB_DISK_SECTOR_BITS to unsigned
type prior to shift expression.
Signed-off-by: Maxim Fomin <maxim@fomin.one>
---
grub-core/kern/fs.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/kern/fs.c b/grub-core/kern/fs.c
index b9508296d..c196f2bf1 100644
--- a/grub-core/kern/fs.c
+++ b/grub-core/kern/fs.c
@@ -130,7 +130,7 @@ grub_fs_probe (grub_device_t device)
struct grub_fs_block
{
grub_disk_addr_t offset;
- unsigned long length;
+ grub_disk_addr_t length;
};
static grub_err_t
@@ -195,7 +195,7 @@ grub_fs_blocklist_open (grub_file_t file, const char *name)
goto fail;
}
- file->size += (blocks[i].length << GRUB_DISK_SECTOR_BITS);
+ file->size += (blocks[i].length << (grub_disk_addr_t)
GRUB_DISK_SECTOR_BITS);
p++;
}
--
2.39.0
- [PATCH v2 1/1] Fix integer overflow at left shift expression on i386-pc platform,
Maxim Fomin <=