upg glibc btrfs-progs hwdata

This commit is contained in:
joborun linux 2023-10-04 14:50:47 +03:00
parent 70feabadd8
commit 14dd1d34c5
12 changed files with 549 additions and 35 deletions

View file

@ -6,7 +6,7 @@
#-----------------------------------------| DESCRIPTION |---------------------------------------
pkgname=btrfs-progs
pkgver=6.5.1
pkgver=6.5.2
pkgrel=01
pkgdesc='Btrfs filesystem utilities w/o systemd'
makedepends=('git' 'asciidoc' 'xmlto' 'python' 'python-setuptools' 'e2fsprogs' 'reiserfsprogs' 'python-sphinx')
@ -14,7 +14,8 @@ depends=('glibc' 'util-linux-libs' 'lzo' 'zlib' 'zstd' 'libgcrypt')
optdepends=('python: libbtrfsutil python bindings'
'e2fsprogs: btrfs-convert'
'reiserfsprogs: btrfs-convert')
url='https://btrfs.wiki.kernel.org'
#url='https://btrfs.wiki.kernel.org'
url='https://btrfs.readthedocs.io'
replaces=('btrfs-progs-unstable')
conflicts=('btrfs-progs-unstable')
provides=('btrfs-progs-unstable')
@ -68,13 +69,13 @@ package() {
arch=(x86_64)
license=('GPL2')
license=('GPL2-only')
validpgpkeys=('F2B41200C54EFB30380C1756C565D5F9D76D583B')
sha256sums=(dacbb28136e82586af802205263a428c3d1941778bc3fdc9b1b386ea12eb904e # btrfs-progs-v6.5.1.tar.xz
ab3b20f68bca9009a9f21ce83bc0ab6cd8d73c82deb63f02cea58fe62d74fcee # btrfs-progs-v6.5.1.tar.sign
sha256sums=(c558b2ddd43f5747a2f5cb62aed3e5c5099703886485a480310fed4698d3610c # btrfs-progs-v6.5.2.tar.xz
a0800e868e819d183a1b3cc758fb2b0b8956cffba6dc628673e8ab75f8fa3ab4 # btrfs-progs-v6.5.2.tar.sign
bbe60b35d1b1e2efc1308a8f54f1fdc6808240a81c5f5b4d75321b7ee86e41f4 # initcpio-install-btrfs
35efeee8590d6d60c711ae9cdc918e4841ab61d10cb02359e65e36ebff95ffc5) # initcpio-hook-btrfs
## 8ad1b2d0115a772ea7c5e3dd64052a8df8d97265e4da089c4a36a50388cf5e28 btrfs-progs-6.5.1-01-x86_64.pkg.tar.lz
## 21d9855128533766a48ef724e2cc65373f1cc87946c4e1dfa0e20401a6d65ba1 btrfs-progs-6.5.2-01-x86_64.pkg.tar.lz

View file

@ -3,7 +3,7 @@
# Contributor: Tobias Powalowski <tpowa@archlinux.org>
pkgname=btrfs-progs
pkgver=6.5.1
pkgver=6.5.2
pkgrel=1
pkgdesc='Btrfs filesystem utilities'
arch=('x86_64')
@ -12,11 +12,11 @@ depends=('glibc' 'util-linux-libs' 'lzo' 'zlib' 'zstd' 'libgcrypt' 'systemd-libs
optdepends=('python: libbtrfsutil python bindings'
'e2fsprogs: btrfs-convert'
'reiserfsprogs: btrfs-convert')
url='https://btrfs.wiki.kernel.org'
url='https://btrfs.readthedocs.io'
replaces=('btrfs-progs-unstable')
conflicts=('btrfs-progs-unstable')
provides=('btrfs-progs-unstable')
license=('GPL2')
license=('GPL2-only')
validpgpkeys=('F2B41200C54EFB30380C1756C565D5F9D76D583B')
source=("https://www.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs/btrfs-progs-v$pkgver.tar."{sign,xz}
'initcpio-install-btrfs'
@ -27,7 +27,7 @@ source=("https://www.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs/btrfs-
install=btrfs-progs.install
options=(!staticlibs)
sha256sums=('SKIP'
'dacbb28136e82586af802205263a428c3d1941778bc3fdc9b1b386ea12eb904e'
'c558b2ddd43f5747a2f5cb62aed3e5c5099703886485a480310fed4698d3610c'
'bbe60b35d1b1e2efc1308a8f54f1fdc6808240a81c5f5b4d75321b7ee86e41f4'
'35efeee8590d6d60c711ae9cdc918e4841ab61d10cb02359e65e36ebff95ffc5'
'eaa7af92d28bfa8940bb551560fd7be777f9f175292eaa72b5f6ef00fb240252'

View file

@ -11,8 +11,8 @@
pkgbase=glibc
pkgname=(glibc lib32-glibc glibc-locales)
pkgver=2.38
_commit=f6445dc94da185b3d1ee283f0ca0a34c4e1986cc
pkgrel=06
_commit=750a45a783906a19591fb8ff6b7841470f1f5701
pkgrel=07
url='https://www.gnu.org/software/libc'
makedepends=(git gd lib32-gcc-libs python)
options=(staticlibs !lto)
@ -239,6 +239,7 @@ sha256sums=(SKIP
cdc234959c6fdb43f000d3bb7d1080b0103f4080f5e67bcfe8ae1aaf477812f0 # sdt-config.h
cf9fe494f7ec69752a63d1b0a9ad689aa620888ae9b902b6383a6fbc7c1726a7) # reenable_DT_HASH.patch
## 2b0f9aa9fb80a47f1daa930aa29faec8ebcfb682fe808b4dbfd9866849efe6fb glibc-2.38-06-x86_64.pkg.tar.lz
## 7a2abdeab9417f98452a2adce0e8307c7c2866a811c55ba44de9fe66a0790fd7 glibc-locales-2.38-06-x86_64.pkg.tar.lz
## e8aaaf321f32ad89f23c6a712e762253eab1060b6f18e3cdf87bc8ca4d15febf lib32-glibc-2.38-06-x86_64.pkg.tar.lz
## 06e9e9785bc650a0bad1321e754cb7459c1ce0d642270a592f7e6a40c4d22959 glibc-2.38-07-x86_64.pkg.tar.lz
## fd64c6b6384e292913161b995b5e3042a5ed25aa7833bfeebabe9e7e40c8b8ca glibc-locales-2.38-07-x86_64.pkg.tar.lz
## b2944ffe5071559e604f64ea9a39cd59c4721947cc5101944da3664080410dbb lib32-glibc-2.38-07-x86_64.pkg.tar.lz

View file

@ -9,8 +9,8 @@
pkgbase=glibc
pkgname=(glibc lib32-glibc glibc-locales)
pkgver=2.38
_commit=f6445dc94da185b3d1ee283f0ca0a34c4e1986cc
pkgrel=6
_commit=750a45a783906a19591fb8ff6b7841470f1f5701
pkgrel=7
arch=(x86_64)
url='https://www.gnu.org/software/libc'
license=(GPL LGPL)

View file

@ -1 +1,6 @@
real 34m42.497s
user 30m30.091s
sys 4m29.408s

View file

@ -0,0 +1,493 @@
From 43651027d24e62a7a463254165e1e46e42aecdea Mon Sep 17 00:00:00 2001
From: Maxim Suhanov <dfirblog@gmail.com>
Date: Mon, 28 Aug 2023 16:31:57 +0300
Subject: fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute
for the $MFT file
When parsing an extremely fragmented $MFT file, i.e., the file described
using the $ATTRIBUTE_LIST attribute, current NTFS code will reuse a buffer
containing bytes read from the underlying drive to store sector numbers,
which are consumed later to read data from these sectors into another buffer.
These sectors numbers, two 32-bit integers, are always stored at predefined
offsets, 0x10 and 0x14, relative to first byte of the selected entry within
the $ATTRIBUTE_LIST attribute. Usually, this won't cause any problem.
However, when parsing a specially-crafted file system image, this may cause
the NTFS code to write these integers beyond the buffer boundary, likely
causing the GRUB memory allocator to misbehave or fail. These integers contain
values which are controlled by on-disk structures of the NTFS file system.
Such modification and resulting misbehavior may touch a memory range not
assigned to the GRUB and owned by firmware or another EFI application/driver.
This fix introduces checks to ensure that these sector numbers are never
written beyond the boundary.
Fixes: CVE-2023-4692
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/fs/ntfs.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
index bbdbe24..c3c4db1 100644
--- a/grub-core/fs/ntfs.c
+++ b/grub-core/fs/ntfs.c
@@ -184,7 +184,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
}
if (at->attr_end)
{
- grub_uint8_t *pa;
+ grub_uint8_t *pa, *pa_end;
at->emft_buf = grub_malloc (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
if (at->emft_buf == NULL)
@@ -209,11 +209,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
}
at->attr_nxt = at->edat_buf;
at->attr_end = at->edat_buf + u32at (pa, 0x30);
+ pa_end = at->edat_buf + n;
}
else
{
at->attr_nxt = at->attr_end + u16at (pa, 0x14);
at->attr_end = at->attr_end + u32at (pa, 4);
+ pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
}
at->flags |= GRUB_NTFS_AF_ALST;
while (at->attr_nxt < at->attr_end)
@@ -230,6 +232,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
at->flags |= GRUB_NTFS_AF_GPOS;
at->attr_cur = at->attr_nxt;
pa = at->attr_cur;
+
+ if ((pa >= pa_end) || (pa_end - pa < 0x18))
+ {
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
+ return NULL;
+ }
+
grub_set_unaligned32 ((char *) pa + 0x10,
grub_cpu_to_le32 (at->mft->data->mft_start));
grub_set_unaligned32 ((char *) pa + 0x14,
@@ -240,6 +249,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
{
if (*pa != attr)
break;
+
+ if ((pa >= pa_end) || (pa_end - pa < 0x18))
+ {
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
+ return NULL;
+ }
+
if (read_attr
(at, pa + 0x10,
u32at (pa, 0x10) * (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR),
--
cgit v1.1
From 0ed2458cc4eff6d9a9199527e2a0b6d445802f94 Mon Sep 17 00:00:00 2001
From: Maxim Suhanov <dfirblog@gmail.com>
Date: Mon, 28 Aug 2023 16:32:33 +0300
Subject: fs/ntfs: Fix an OOB read when reading data from the resident $DATA
attribute
When reading a file containing resident data, i.e., the file data is stored in
the $DATA attribute within the NTFS file record, not in external clusters,
there are no checks that this resident data actually fits the corresponding
file record segment.
When parsing a specially-crafted file system image, the current NTFS code will
read the file data from an arbitrary, attacker-chosen memory offset and of
arbitrary, attacker-chosen length.
This allows an attacker to display arbitrary chunks of memory, which could
contain sensitive information like password hashes or even plain-text,
obfuscated passwords from BS EFI variables.
This fix implements a check to ensure that resident data is read from the
corresponding file record segment only.
Fixes: CVE-2023-4693
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/fs/ntfs.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
index c3c4db1..a68e173 100644
--- a/grub-core/fs/ntfs.c
+++ b/grub-core/fs/ntfs.c
@@ -401,7 +401,18 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest,
{
if (ofs + len > u32at (pa, 0x10))
return grub_error (GRUB_ERR_BAD_FS, "read out of range");
- grub_memcpy (dest, pa + u32at (pa, 0x14) + ofs, len);
+
+ if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large");
+
+ if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
+
+ if (u16at (pa, 0x14) + u32at (pa, 0x10) >
+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa)
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
+
+ grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len);
return 0;
}
--
cgit v1.1
From 7e5f031a6a6a3decc2360a7b0c71abbe598e7354 Mon Sep 17 00:00:00 2001
From: Maxim Suhanov <dfirblog@gmail.com>
Date: Mon, 28 Aug 2023 16:33:17 +0300
Subject: fs/ntfs: Fix an OOB read when parsing directory entries from resident
and non-resident index attributes
This fix introduces checks to ensure that index entries are never read
beyond the corresponding directory index.
The lack of this check is a minor issue, likely not exploitable in any way.
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/fs/ntfs.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
index a68e173..2d78b96 100644
--- a/grub-core/fs/ntfs.c
+++ b/grub-core/fs/ntfs.c
@@ -599,7 +599,7 @@ get_utf8 (grub_uint8_t *in, grub_size_t len)
}
static int
-list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
+list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos, grub_uint8_t *end_pos,
grub_fshelp_iterate_dir_hook_t hook, void *hook_data)
{
grub_uint8_t *np;
@@ -610,6 +610,9 @@ list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
grub_uint8_t namespace;
char *ustr;
+ if ((pos >= end_pos) || (end_pos - pos < 0x52))
+ break;
+
if (pos[0xC] & 2) /* end signature */
break;
@@ -617,6 +620,9 @@ list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
ns = *(np++);
namespace = *(np++);
+ if (2 * ns > end_pos - pos - 0x52)
+ break;
+
/*
* Ignore files in DOS namespace, as they will reappear as Win32
* names.
@@ -806,7 +812,9 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
}
cur_pos += 0x10; /* Skip index root */
- ret = list_file (mft, cur_pos + u16at (cur_pos, 0), hook, hook_data);
+ ret = list_file (mft, cur_pos + u16at (cur_pos, 0),
+ at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR),
+ hook, hook_data);
if (ret)
goto done;
@@ -893,6 +901,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
(const grub_uint8_t *) "INDX")))
goto done;
ret = list_file (mft, &indx[0x18 + u16at (indx, 0x18)],
+ indx + (mft->data->idx_size << GRUB_NTFS_BLK_SHR),
hook, hook_data);
if (ret)
goto done;
--
cgit v1.1
From 7a5a116739fa6d8a625da7d6b9272c9a2462f967 Mon Sep 17 00:00:00 2001
From: Maxim Suhanov <dfirblog@gmail.com>
Date: Mon, 28 Aug 2023 16:33:44 +0300
Subject: fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes
This fix introduces checks to ensure that bitmaps for directory indices
are never read beyond their actual sizes.
The lack of this check is a minor issue, likely not exploitable in any way.
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/fs/ntfs.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
index 2d78b96..bb70c89 100644
--- a/grub-core/fs/ntfs.c
+++ b/grub-core/fs/ntfs.c
@@ -843,6 +843,25 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
if (is_resident)
{
+ if (bitmap_len > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
+ {
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap too large");
+ goto done;
+ }
+
+ if (cur_pos >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
+ {
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
+ goto done;
+ }
+
+ if (u16at (cur_pos, 0x14) + u32at (cur_pos, 0x10) >
+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) cur_pos)
+ {
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
+ goto done;
+ }
+
grub_memcpy (bmp, cur_pos + u16at (cur_pos, 0x14),
bitmap_len);
}
--
cgit v1.1
From 1fe82c41e070385e273d7bb1cfb482627a3c28e8 Mon Sep 17 00:00:00 2001
From: Maxim Suhanov <dfirblog@gmail.com>
Date: Mon, 28 Aug 2023 16:38:19 +0300
Subject: fs/ntfs: Fix an OOB read when parsing a volume label
This fix introduces checks to ensure that an NTFS volume label is always
read from the corresponding file record segment.
The current NTFS code allows the volume label string to be read from an
arbitrary, attacker-chosen memory location. However, the bytes read are
always treated as UTF-16LE. So, the final string displayed is mostly
unreadable and it can't be easily converted back to raw bytes.
The lack of this check is a minor issue, likely not causing a significant
data leak.
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/fs/ntfs.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
index bb70c89..ff5e374 100644
--- a/grub-core/fs/ntfs.c
+++ b/grub-core/fs/ntfs.c
@@ -1213,13 +1213,29 @@ grub_ntfs_label (grub_device_t device, char **label)
init_attr (&mft->attr, mft);
pa = find_attr (&mft->attr, GRUB_NTFS_AT_VOLUME_NAME);
+
+ if (pa >= mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR))
+ {
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
+ goto fail;
+ }
+
+ if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa < 0x16)
+ {
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
+ goto fail;
+ }
+
if ((pa) && (pa[8] == 0) && (u32at (pa, 0x10)))
{
int len;
len = u32at (pa, 0x10) / 2;
pa += u16at (pa, 0x14);
- *label = get_utf8 (pa, len);
+ if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa >= 2 * len)
+ *label = get_utf8 (pa, len);
+ else
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
}
fail:
--
cgit v1.1
From e58b870ff926415e23fc386af41ff81b2f588763 Mon Sep 17 00:00:00 2001
From: Maxim Suhanov <dfirblog@gmail.com>
Date: Mon, 28 Aug 2023 16:40:07 +0300
Subject: fs/ntfs: Make code more readable
Move some calls used to access NTFS attribute header fields into
functions with human-readable names.
Suggested-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/fs/ntfs.c | 48 +++++++++++++++++++++++++++++++++---------------
1 file changed, 33 insertions(+), 15 deletions(-)
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
index ff5e374..de435aa 100644
--- a/grub-core/fs/ntfs.c
+++ b/grub-core/fs/ntfs.c
@@ -52,6 +52,24 @@ u64at (void *ptr, grub_size_t ofs)
return grub_le_to_cpu64 (grub_get_unaligned64 ((char *) ptr + ofs));
}
+static grub_uint16_t
+first_attr_off (void *mft_buf_ptr)
+{
+ return u16at (mft_buf_ptr, 0x14);
+}
+
+static grub_uint16_t
+res_attr_data_off (void *res_attr_ptr)
+{
+ return u16at (res_attr_ptr, 0x14);
+}
+
+static grub_uint32_t
+res_attr_data_len (void *res_attr_ptr)
+{
+ return u32at (res_attr_ptr, 0x10);
+}
+
grub_ntfscomp_func_t grub_ntfscomp_func;
static grub_err_t
@@ -106,7 +124,7 @@ init_attr (struct grub_ntfs_attr *at, struct grub_ntfs_file *mft)
{
at->mft = mft;
at->flags = (mft == &mft->data->mmft) ? GRUB_NTFS_AF_MMFT : 0;
- at->attr_nxt = mft->buf + u16at (mft->buf, 0x14);
+ at->attr_nxt = mft->buf + first_attr_off (mft->buf);
at->attr_end = at->emft_buf = at->edat_buf = at->sbuf = NULL;
}
@@ -154,7 +172,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
return NULL;
}
- new_pos = &at->emft_buf[u16at (at->emft_buf, 0x14)];
+ new_pos = &at->emft_buf[first_attr_off (at->emft_buf)];
while (*new_pos != 0xFF)
{
if ((*new_pos == *at->attr_cur)
@@ -213,7 +231,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
}
else
{
- at->attr_nxt = at->attr_end + u16at (pa, 0x14);
+ at->attr_nxt = at->attr_end + res_attr_data_off (pa);
at->attr_end = at->attr_end + u32at (pa, 4);
pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
}
@@ -399,20 +417,20 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest,
if (pa[8] == 0)
{
- if (ofs + len > u32at (pa, 0x10))
+ if (ofs + len > res_attr_data_len (pa))
return grub_error (GRUB_ERR_BAD_FS, "read out of range");
- if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
+ if (res_attr_data_len (pa) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large");
if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
- if (u16at (pa, 0x14) + u32at (pa, 0x10) >
+ if (res_attr_data_off (pa) + res_attr_data_len (pa) >
(grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa)
return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
- grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len);
+ grub_memcpy (dest, pa + res_attr_data_off (pa) + ofs, len);
return 0;
}
@@ -556,7 +574,7 @@ init_file (struct grub_ntfs_file *mft, grub_uint64_t mftno)
(unsigned long long) mftno);
if (!pa[8])
- mft->size = u32at (pa, 0x10);
+ mft->size = res_attr_data_len (pa);
else
mft->size = u64at (pa, 0x30);
@@ -805,7 +823,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
(u32at (cur_pos, 0x18) != 0x490024) ||
(u32at (cur_pos, 0x1C) != 0x300033))
continue;
- cur_pos += u16at (cur_pos, 0x14);
+ cur_pos += res_attr_data_off (cur_pos);
if (*cur_pos != 0x30) /* Not filename index */
continue;
break;
@@ -834,7 +852,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
{
int is_resident = (cur_pos[8] == 0);
- bitmap_len = ((is_resident) ? u32at (cur_pos, 0x10) :
+ bitmap_len = ((is_resident) ? res_attr_data_len (cur_pos) :
u32at (cur_pos, 0x28));
bmp = grub_malloc (bitmap_len);
@@ -855,14 +873,14 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
goto done;
}
- if (u16at (cur_pos, 0x14) + u32at (cur_pos, 0x10) >
+ if (res_attr_data_off (cur_pos) + res_attr_data_len (cur_pos) >
(grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) cur_pos)
{
grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
goto done;
}
- grub_memcpy (bmp, cur_pos + u16at (cur_pos, 0x14),
+ grub_memcpy (bmp, cur_pos + res_attr_data_off (cur_pos),
bitmap_len);
}
else
@@ -1226,12 +1244,12 @@ grub_ntfs_label (grub_device_t device, char **label)
goto fail;
}
- if ((pa) && (pa[8] == 0) && (u32at (pa, 0x10)))
+ if ((pa) && (pa[8] == 0) && (res_attr_data_len (pa)))
{
int len;
- len = u32at (pa, 0x10) / 2;
- pa += u16at (pa, 0x14);
+ len = res_attr_data_len (pa) / 2;
+ pa += res_attr_data_off (pa);
if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa >= 2 * len)
*label = get_utf8 (pa, len);
else
--
cgit v1.1

View file

@ -22,9 +22,9 @@ pkgdesc='GNU GRand Unified Bootloader (2)'
epoch=2
_tag='bb59f566e1e5c387dbfd342bb3767f761422c744' # git rev-parse grub-${_pkgver}
_pkgver=2.12rc1
_unifont_ver='15.0.06'
_unifont_ver='15.1.02'
pkgver=${_pkgver/-/}
pkgrel=01
pkgrel=03
url='https://www.gnu.org/software/grub/'
backup=('etc/default/grub'
'etc/grub.d/40_custom')
@ -59,6 +59,7 @@ source=("git+https://git.savannah.gnu.org/git/grub.git#tag=${_tag}?signed"
'0001-00_header-add-GRUB_COLOR_-variables.patch'
'0002-10_linux-detect-archlinux-initramfs.patch'
'0003-support-dropins-for-default-configuration.patch'
'0004-ntfs-module-security.patch'
'grub.default'
'grub.default.run'
'grub.default.66'
@ -121,6 +122,9 @@ prepare() {
echo "Patch to support dropins for default configuration..."
patch -Np1 -i "${srcdir}/0003-support-dropins-for-default-configuration.patch"
echo "Patch to fix ntfs module security vulnerabilities"
patch -Np1 -i "${srcdir}/0004-ntfs-module-security.patch"
echo "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme..."
sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "configure.ac"
@ -326,19 +330,21 @@ validpgpkeys=('E53D497F3FA42AD8C9B4D1E835A93B74E82E4209' # Vladimir 'phcoder' S
sha256sums=(SKIP
SKIP
93cb54fa103a00e25cd3e16550b4b4eb13cbd098e515679ade3ae82cd0739f29 # unifont-15.0.06.bdf.gz
d968cdf6eefdc2fd6f17515e559a76f513d5edec4e9a495b935d0f285cb69bc8 # unifont-15.0.06.bdf.gz.sig
912834ab9cd372f300541894615f910af4db82477c91b236674057eadfc76429 # unifont-15.1.02.bdf.gz
f5d0b76b9d5462411b90cb3bbfa33d15bdf58cb89aa8b6d53eb2fbf0d4f4633c # unifont-15.1.02.bdf.gz.sig
5dee6628c48eef79812bb9e86ee772068d85e7fcebbd2b2b8d1e19d24eda9dab # 0001-00_header-add-GRUB_COLOR_-variables.patch
8488aec30a93e8fe66c23ef8c23aefda39c38389530e9e73ba3fbcc8315d244d # 0002-10_linux-detect-archlinux-initramfs.patch
b5d9fcd62ffb3c3950fdeb7089ec2dc2294ac52e9861980ad90a437dedbd3d47 # 0003-support-dropins-for-default-configuration.patch
4bdd5ceb13dbd4c41fde24163f16a0ba05447d821e74d938a0b9e5fce0431140 # 0004-ntfs-module-security.patch
83f99850b6c751d0a7bd3e6b9f1808a0c05962cdd1cd8f57cbbd63f1a3379c96 # grub.default
83f99850b6c751d0a7bd3e6b9f1808a0c05962cdd1cd8f57cbbd63f1a3379c96 # grub.default.run
adad61d98de32e241a1cf55a166699de449533fa16e15e97a326515f80639ef7 # grub.default.66
98b23d41e223bdc0a6e20bdcb3aa77e642f29b64081b1fd2f575314172fc89df) # sbat.csv
# Note to packager:
ls -l *pkg.tar.lz
echo "you must rename this package to meet SF naming before you move to the repo"
mv $(ls -l $pkgname*pkg.tar.lz) $pkgname-$epoch_$pkgver-$pkgrel-$arch.pkg.tar.lz >pkg-mv.log
#ls -l *pkg.tar.lz
#echo "you must rename this package to meet SF naming before you move to the repo"
#mv $(ls -l $pkgname*pkg.tar.lz) $pkgname-$epoch_$pkgver-$pkgrel-$arch.pkg.tar.lz >pkg-mv.log
## 95ee50a5c5d266d576dda6dbf10a3ae1395599bb1bf4ae59263f0217c41f281b grub-2:2.12rc1-03-x86_64.pkg.tar.lz
## be47ba937340775e8fa7b66ac004d95139101db47cd74b79391103bf8635d494 grub-2:2.12rc1-01-x86_64.pkg.tar.lz

View file

@ -1,6 +1,6 @@
# Maintainer : Christian Hesse <mail@eworm.de>
# Maintainer : Ronald van Haren <ronald.archlinux.org>
# Contributor: Tobias Powalowski <tpowa@archlinux.org>
# Maintainer : Tobias Powalowski <tpowa@archlinux.org>
# Contributor: Ronald van Haren <ronald.archlinux.org>
# Contributor: Keshav Amburay <(the ddoott ridikulus ddoott rat) (aatt) (gemmaeiil) (ddoott) (ccoomm)>
## "1" to enable IA32-EFI build in Arch x86_64, "0" to disable
@ -20,9 +20,9 @@ pkgdesc='GNU GRand Unified Bootloader (2)'
epoch=2
_tag='bb59f566e1e5c387dbfd342bb3767f761422c744' # git rev-parse grub-${_pkgver}
_pkgver=2.12rc1
_unifont_ver='15.0.06'
_unifont_ver='15.1.02'
pkgver=${_pkgver/-/}
pkgrel=1
pkgrel=3
url='https://www.gnu.org/software/grub/'
arch=('x86_64')
license=('GPL3')
@ -63,16 +63,18 @@ source=("git+https://git.savannah.gnu.org/git/grub.git#tag=${_tag}?signed"
'0001-00_header-add-GRUB_COLOR_-variables.patch'
'0002-10_linux-detect-archlinux-initramfs.patch'
'0003-support-dropins-for-default-configuration.patch'
'0004-ntfs-module-security.patch'
'grub.default'
'sbat.csv')
sha256sums=('SKIP'
'SKIP'
'93cb54fa103a00e25cd3e16550b4b4eb13cbd098e515679ade3ae82cd0739f29'
'912834ab9cd372f300541894615f910af4db82477c91b236674057eadfc76429'
'SKIP'
'5dee6628c48eef79812bb9e86ee772068d85e7fcebbd2b2b8d1e19d24eda9dab'
'8488aec30a93e8fe66c23ef8c23aefda39c38389530e9e73ba3fbcc8315d244d'
'b5d9fcd62ffb3c3950fdeb7089ec2dc2294ac52e9861980ad90a437dedbd3d47'
'4bdd5ceb13dbd4c41fde24163f16a0ba05447d821e74d938a0b9e5fce0431140'
'7df3f5cb5df7d2dfb17f4c9b5c5dedc9519ddce6f8d2c6cd43d1be17cecb65cb'
'98b23d41e223bdc0a6e20bdcb3aa77e642f29b64081b1fd2f575314172fc89df')
@ -131,6 +133,10 @@ prepare() {
echo "Patch to support dropins for default configuration..."
patch -Np1 -i "${srcdir}/0003-support-dropins-for-default-configuration.patch"
echo "Patch to fix ntfs module security vulnerabilities"
patch -Np1 -i "${srcdir}/0004-ntfs-module-security.patch"
echo "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme..."
sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "configure.ac"

View file

@ -15,3 +15,4 @@ bison
os-prober
graphite

View file

@ -6,7 +6,7 @@
#-----------------------------------------| DESCRIPTION |---------------------------------------
pkgname=hwdata
pkgver=0.374
pkgver=0.375
pkgrel=01
pkgdesc="hardware identification databases"
makedepends=('git')
@ -31,10 +31,10 @@ package() {
arch=(x86_64)
license=('GPL2')
license=('GPL2-or-later')
validpgpkeys=('3C40194FB79138CE0F78FD4919C2F062574F5403') # Vitezslav Crhonek
sha256sums=(SKIP)
## 4e98a766025075bf73ae6220051389e236787eaf98451ace35c608101e8b0800 hwdata-0.374-01-x86_64.pkg.tar.lz
## cb9b58c77b27f2fbd49855d1314c4dbbb92ee11d1238a551c5ba53fe76dc853a hwdata-0.375-01-x86_64.pkg.tar.lz

View file

@ -1,12 +1,12 @@
# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
pkgname=hwdata
pkgver=0.374
pkgver=0.375
pkgrel=1
pkgdesc="hardware identification databases"
makedepends=('git')
replaces=('hwids')
url=https://github.com/vcrhonek/hwdata
license=('GPL2')
license=('GPL2-or-later')
arch=('any')
source=("git+https://github.com/vcrhonek/hwdata.git#tag=v${pkgver}?signed")
validpgpkeys=('3C40194FB79138CE0F78FD4919C2F062574F5403') # Vitezslav Crhonek

View file

@ -1,3 +1,4 @@
git