upg glibc btrfs-progs hwdata
This commit is contained in:
parent
70feabadd8
commit
14dd1d34c5
12 changed files with 549 additions and 35 deletions
|
@ -6,7 +6,7 @@
|
|||
#-----------------------------------------| DESCRIPTION |---------------------------------------
|
||||
|
||||
pkgname=btrfs-progs
|
||||
pkgver=6.5.1
|
||||
pkgver=6.5.2
|
||||
pkgrel=01
|
||||
pkgdesc='Btrfs filesystem utilities w/o systemd'
|
||||
makedepends=('git' 'asciidoc' 'xmlto' 'python' 'python-setuptools' 'e2fsprogs' 'reiserfsprogs' 'python-sphinx')
|
||||
|
@ -14,7 +14,8 @@ depends=('glibc' 'util-linux-libs' 'lzo' 'zlib' 'zstd' 'libgcrypt')
|
|||
optdepends=('python: libbtrfsutil python bindings'
|
||||
'e2fsprogs: btrfs-convert'
|
||||
'reiserfsprogs: btrfs-convert')
|
||||
url='https://btrfs.wiki.kernel.org'
|
||||
#url='https://btrfs.wiki.kernel.org'
|
||||
url='https://btrfs.readthedocs.io'
|
||||
replaces=('btrfs-progs-unstable')
|
||||
conflicts=('btrfs-progs-unstable')
|
||||
provides=('btrfs-progs-unstable')
|
||||
|
@ -68,13 +69,13 @@ package() {
|
|||
|
||||
arch=(x86_64)
|
||||
|
||||
license=('GPL2')
|
||||
license=('GPL2-only')
|
||||
|
||||
validpgpkeys=('F2B41200C54EFB30380C1756C565D5F9D76D583B')
|
||||
|
||||
sha256sums=(dacbb28136e82586af802205263a428c3d1941778bc3fdc9b1b386ea12eb904e # btrfs-progs-v6.5.1.tar.xz
|
||||
ab3b20f68bca9009a9f21ce83bc0ab6cd8d73c82deb63f02cea58fe62d74fcee # btrfs-progs-v6.5.1.tar.sign
|
||||
sha256sums=(c558b2ddd43f5747a2f5cb62aed3e5c5099703886485a480310fed4698d3610c # btrfs-progs-v6.5.2.tar.xz
|
||||
a0800e868e819d183a1b3cc758fb2b0b8956cffba6dc628673e8ab75f8fa3ab4 # btrfs-progs-v6.5.2.tar.sign
|
||||
bbe60b35d1b1e2efc1308a8f54f1fdc6808240a81c5f5b4d75321b7ee86e41f4 # initcpio-install-btrfs
|
||||
35efeee8590d6d60c711ae9cdc918e4841ab61d10cb02359e65e36ebff95ffc5) # initcpio-hook-btrfs
|
||||
|
||||
## 8ad1b2d0115a772ea7c5e3dd64052a8df8d97265e4da089c4a36a50388cf5e28 btrfs-progs-6.5.1-01-x86_64.pkg.tar.lz
|
||||
## 21d9855128533766a48ef724e2cc65373f1cc87946c4e1dfa0e20401a6d65ba1 btrfs-progs-6.5.2-01-x86_64.pkg.tar.lz
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
# Contributor: Tobias Powalowski <tpowa@archlinux.org>
|
||||
|
||||
pkgname=btrfs-progs
|
||||
pkgver=6.5.1
|
||||
pkgver=6.5.2
|
||||
pkgrel=1
|
||||
pkgdesc='Btrfs filesystem utilities'
|
||||
arch=('x86_64')
|
||||
|
@ -12,11 +12,11 @@ depends=('glibc' 'util-linux-libs' 'lzo' 'zlib' 'zstd' 'libgcrypt' 'systemd-libs
|
|||
optdepends=('python: libbtrfsutil python bindings'
|
||||
'e2fsprogs: btrfs-convert'
|
||||
'reiserfsprogs: btrfs-convert')
|
||||
url='https://btrfs.wiki.kernel.org'
|
||||
url='https://btrfs.readthedocs.io'
|
||||
replaces=('btrfs-progs-unstable')
|
||||
conflicts=('btrfs-progs-unstable')
|
||||
provides=('btrfs-progs-unstable')
|
||||
license=('GPL2')
|
||||
license=('GPL2-only')
|
||||
validpgpkeys=('F2B41200C54EFB30380C1756C565D5F9D76D583B')
|
||||
source=("https://www.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs/btrfs-progs-v$pkgver.tar."{sign,xz}
|
||||
'initcpio-install-btrfs'
|
||||
|
@ -27,7 +27,7 @@ source=("https://www.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs/btrfs-
|
|||
install=btrfs-progs.install
|
||||
options=(!staticlibs)
|
||||
sha256sums=('SKIP'
|
||||
'dacbb28136e82586af802205263a428c3d1941778bc3fdc9b1b386ea12eb904e'
|
||||
'c558b2ddd43f5747a2f5cb62aed3e5c5099703886485a480310fed4698d3610c'
|
||||
'bbe60b35d1b1e2efc1308a8f54f1fdc6808240a81c5f5b4d75321b7ee86e41f4'
|
||||
'35efeee8590d6d60c711ae9cdc918e4841ab61d10cb02359e65e36ebff95ffc5'
|
||||
'eaa7af92d28bfa8940bb551560fd7be777f9f175292eaa72b5f6ef00fb240252'
|
||||
|
|
|
@ -11,8 +11,8 @@
|
|||
pkgbase=glibc
|
||||
pkgname=(glibc lib32-glibc glibc-locales)
|
||||
pkgver=2.38
|
||||
_commit=f6445dc94da185b3d1ee283f0ca0a34c4e1986cc
|
||||
pkgrel=06
|
||||
_commit=750a45a783906a19591fb8ff6b7841470f1f5701
|
||||
pkgrel=07
|
||||
url='https://www.gnu.org/software/libc'
|
||||
makedepends=(git gd lib32-gcc-libs python)
|
||||
options=(staticlibs !lto)
|
||||
|
@ -239,6 +239,7 @@ sha256sums=(SKIP
|
|||
cdc234959c6fdb43f000d3bb7d1080b0103f4080f5e67bcfe8ae1aaf477812f0 # sdt-config.h
|
||||
cf9fe494f7ec69752a63d1b0a9ad689aa620888ae9b902b6383a6fbc7c1726a7) # reenable_DT_HASH.patch
|
||||
|
||||
## 2b0f9aa9fb80a47f1daa930aa29faec8ebcfb682fe808b4dbfd9866849efe6fb glibc-2.38-06-x86_64.pkg.tar.lz
|
||||
## 7a2abdeab9417f98452a2adce0e8307c7c2866a811c55ba44de9fe66a0790fd7 glibc-locales-2.38-06-x86_64.pkg.tar.lz
|
||||
## e8aaaf321f32ad89f23c6a712e762253eab1060b6f18e3cdf87bc8ca4d15febf lib32-glibc-2.38-06-x86_64.pkg.tar.lz
|
||||
## 06e9e9785bc650a0bad1321e754cb7459c1ce0d642270a592f7e6a40c4d22959 glibc-2.38-07-x86_64.pkg.tar.lz
|
||||
## fd64c6b6384e292913161b995b5e3042a5ed25aa7833bfeebabe9e7e40c8b8ca glibc-locales-2.38-07-x86_64.pkg.tar.lz
|
||||
## b2944ffe5071559e604f64ea9a39cd59c4721947cc5101944da3664080410dbb lib32-glibc-2.38-07-x86_64.pkg.tar.lz
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
pkgbase=glibc
|
||||
pkgname=(glibc lib32-glibc glibc-locales)
|
||||
pkgver=2.38
|
||||
_commit=f6445dc94da185b3d1ee283f0ca0a34c4e1986cc
|
||||
pkgrel=6
|
||||
_commit=750a45a783906a19591fb8ff6b7841470f1f5701
|
||||
pkgrel=7
|
||||
arch=(x86_64)
|
||||
url='https://www.gnu.org/software/libc'
|
||||
license=(GPL LGPL)
|
||||
|
|
|
@ -1 +1,6 @@
|
|||
|
||||
|
||||
real 34m42.497s
|
||||
user 30m30.091s
|
||||
sys 4m29.408s
|
||||
|
||||
|
|
493
grub/0004-ntfs-module-security.patch
Normal file
493
grub/0004-ntfs-module-security.patch
Normal file
|
@ -0,0 +1,493 @@
|
|||
From 43651027d24e62a7a463254165e1e46e42aecdea Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:31:57 +0300
|
||||
Subject: fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute
|
||||
for the $MFT file
|
||||
|
||||
When parsing an extremely fragmented $MFT file, i.e., the file described
|
||||
using the $ATTRIBUTE_LIST attribute, current NTFS code will reuse a buffer
|
||||
containing bytes read from the underlying drive to store sector numbers,
|
||||
which are consumed later to read data from these sectors into another buffer.
|
||||
|
||||
These sectors numbers, two 32-bit integers, are always stored at predefined
|
||||
offsets, 0x10 and 0x14, relative to first byte of the selected entry within
|
||||
the $ATTRIBUTE_LIST attribute. Usually, this won't cause any problem.
|
||||
|
||||
However, when parsing a specially-crafted file system image, this may cause
|
||||
the NTFS code to write these integers beyond the buffer boundary, likely
|
||||
causing the GRUB memory allocator to misbehave or fail. These integers contain
|
||||
values which are controlled by on-disk structures of the NTFS file system.
|
||||
|
||||
Such modification and resulting misbehavior may touch a memory range not
|
||||
assigned to the GRUB and owned by firmware or another EFI application/driver.
|
||||
|
||||
This fix introduces checks to ensure that these sector numbers are never
|
||||
written beyond the boundary.
|
||||
|
||||
Fixes: CVE-2023-4692
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 18 +++++++++++++++++-
|
||||
1 file changed, 17 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index bbdbe24..c3c4db1 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -184,7 +184,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
}
|
||||
if (at->attr_end)
|
||||
{
|
||||
- grub_uint8_t *pa;
|
||||
+ grub_uint8_t *pa, *pa_end;
|
||||
|
||||
at->emft_buf = grub_malloc (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
|
||||
if (at->emft_buf == NULL)
|
||||
@@ -209,11 +209,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
}
|
||||
at->attr_nxt = at->edat_buf;
|
||||
at->attr_end = at->edat_buf + u32at (pa, 0x30);
|
||||
+ pa_end = at->edat_buf + n;
|
||||
}
|
||||
else
|
||||
{
|
||||
at->attr_nxt = at->attr_end + u16at (pa, 0x14);
|
||||
at->attr_end = at->attr_end + u32at (pa, 4);
|
||||
+ pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
|
||||
}
|
||||
at->flags |= GRUB_NTFS_AF_ALST;
|
||||
while (at->attr_nxt < at->attr_end)
|
||||
@@ -230,6 +232,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
at->flags |= GRUB_NTFS_AF_GPOS;
|
||||
at->attr_cur = at->attr_nxt;
|
||||
pa = at->attr_cur;
|
||||
+
|
||||
+ if ((pa >= pa_end) || (pa_end - pa < 0x18))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
grub_set_unaligned32 ((char *) pa + 0x10,
|
||||
grub_cpu_to_le32 (at->mft->data->mft_start));
|
||||
grub_set_unaligned32 ((char *) pa + 0x14,
|
||||
@@ -240,6 +249,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
{
|
||||
if (*pa != attr)
|
||||
break;
|
||||
+
|
||||
+ if ((pa >= pa_end) || (pa_end - pa < 0x18))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
if (read_attr
|
||||
(at, pa + 0x10,
|
||||
u32at (pa, 0x10) * (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR),
|
||||
--
|
||||
cgit v1.1
|
||||
|
||||
From 0ed2458cc4eff6d9a9199527e2a0b6d445802f94 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:32:33 +0300
|
||||
Subject: fs/ntfs: Fix an OOB read when reading data from the resident $DATA
|
||||
attribute
|
||||
|
||||
When reading a file containing resident data, i.e., the file data is stored in
|
||||
the $DATA attribute within the NTFS file record, not in external clusters,
|
||||
there are no checks that this resident data actually fits the corresponding
|
||||
file record segment.
|
||||
|
||||
When parsing a specially-crafted file system image, the current NTFS code will
|
||||
read the file data from an arbitrary, attacker-chosen memory offset and of
|
||||
arbitrary, attacker-chosen length.
|
||||
|
||||
This allows an attacker to display arbitrary chunks of memory, which could
|
||||
contain sensitive information like password hashes or even plain-text,
|
||||
obfuscated passwords from BS EFI variables.
|
||||
|
||||
This fix implements a check to ensure that resident data is read from the
|
||||
corresponding file record segment only.
|
||||
|
||||
Fixes: CVE-2023-4693
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 13 ++++++++++++-
|
||||
1 file changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index c3c4db1..a68e173 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -401,7 +401,18 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest,
|
||||
{
|
||||
if (ofs + len > u32at (pa, 0x10))
|
||||
return grub_error (GRUB_ERR_BAD_FS, "read out of range");
|
||||
- grub_memcpy (dest, pa + u32at (pa, 0x14) + ofs, len);
|
||||
+
|
||||
+ if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large");
|
||||
+
|
||||
+ if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
|
||||
+
|
||||
+ if (u16at (pa, 0x14) + u32at (pa, 0x10) >
|
||||
+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa)
|
||||
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
|
||||
+
|
||||
+ grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len);
|
||||
return 0;
|
||||
}
|
||||
|
||||
--
|
||||
cgit v1.1
|
||||
|
||||
From 7e5f031a6a6a3decc2360a7b0c71abbe598e7354 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:33:17 +0300
|
||||
Subject: fs/ntfs: Fix an OOB read when parsing directory entries from resident
|
||||
and non-resident index attributes
|
||||
|
||||
This fix introduces checks to ensure that index entries are never read
|
||||
beyond the corresponding directory index.
|
||||
|
||||
The lack of this check is a minor issue, likely not exploitable in any way.
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 13 +++++++++++--
|
||||
1 file changed, 11 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index a68e173..2d78b96 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -599,7 +599,7 @@ get_utf8 (grub_uint8_t *in, grub_size_t len)
|
||||
}
|
||||
|
||||
static int
|
||||
-list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
|
||||
+list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos, grub_uint8_t *end_pos,
|
||||
grub_fshelp_iterate_dir_hook_t hook, void *hook_data)
|
||||
{
|
||||
grub_uint8_t *np;
|
||||
@@ -610,6 +610,9 @@ list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
|
||||
grub_uint8_t namespace;
|
||||
char *ustr;
|
||||
|
||||
+ if ((pos >= end_pos) || (end_pos - pos < 0x52))
|
||||
+ break;
|
||||
+
|
||||
if (pos[0xC] & 2) /* end signature */
|
||||
break;
|
||||
|
||||
@@ -617,6 +620,9 @@ list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
|
||||
ns = *(np++);
|
||||
namespace = *(np++);
|
||||
|
||||
+ if (2 * ns > end_pos - pos - 0x52)
|
||||
+ break;
|
||||
+
|
||||
/*
|
||||
* Ignore files in DOS namespace, as they will reappear as Win32
|
||||
* names.
|
||||
@@ -806,7 +812,9 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
}
|
||||
|
||||
cur_pos += 0x10; /* Skip index root */
|
||||
- ret = list_file (mft, cur_pos + u16at (cur_pos, 0), hook, hook_data);
|
||||
+ ret = list_file (mft, cur_pos + u16at (cur_pos, 0),
|
||||
+ at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR),
|
||||
+ hook, hook_data);
|
||||
if (ret)
|
||||
goto done;
|
||||
|
||||
@@ -893,6 +901,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
(const grub_uint8_t *) "INDX")))
|
||||
goto done;
|
||||
ret = list_file (mft, &indx[0x18 + u16at (indx, 0x18)],
|
||||
+ indx + (mft->data->idx_size << GRUB_NTFS_BLK_SHR),
|
||||
hook, hook_data);
|
||||
if (ret)
|
||||
goto done;
|
||||
--
|
||||
cgit v1.1
|
||||
|
||||
From 7a5a116739fa6d8a625da7d6b9272c9a2462f967 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:33:44 +0300
|
||||
Subject: fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes
|
||||
|
||||
This fix introduces checks to ensure that bitmaps for directory indices
|
||||
are never read beyond their actual sizes.
|
||||
|
||||
The lack of this check is a minor issue, likely not exploitable in any way.
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 19 +++++++++++++++++++
|
||||
1 file changed, 19 insertions(+)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index 2d78b96..bb70c89 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -843,6 +843,25 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
|
||||
if (is_resident)
|
||||
{
|
||||
+ if (bitmap_len > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap too large");
|
||||
+ goto done;
|
||||
+ }
|
||||
+
|
||||
+ if (cur_pos >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
|
||||
+ goto done;
|
||||
+ }
|
||||
+
|
||||
+ if (u16at (cur_pos, 0x14) + u32at (cur_pos, 0x10) >
|
||||
+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) cur_pos)
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
|
||||
+ goto done;
|
||||
+ }
|
||||
+
|
||||
grub_memcpy (bmp, cur_pos + u16at (cur_pos, 0x14),
|
||||
bitmap_len);
|
||||
}
|
||||
--
|
||||
cgit v1.1
|
||||
|
||||
From 1fe82c41e070385e273d7bb1cfb482627a3c28e8 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:38:19 +0300
|
||||
Subject: fs/ntfs: Fix an OOB read when parsing a volume label
|
||||
|
||||
This fix introduces checks to ensure that an NTFS volume label is always
|
||||
read from the corresponding file record segment.
|
||||
|
||||
The current NTFS code allows the volume label string to be read from an
|
||||
arbitrary, attacker-chosen memory location. However, the bytes read are
|
||||
always treated as UTF-16LE. So, the final string displayed is mostly
|
||||
unreadable and it can't be easily converted back to raw bytes.
|
||||
|
||||
The lack of this check is a minor issue, likely not causing a significant
|
||||
data leak.
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 18 +++++++++++++++++-
|
||||
1 file changed, 17 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index bb70c89..ff5e374 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -1213,13 +1213,29 @@ grub_ntfs_label (grub_device_t device, char **label)
|
||||
|
||||
init_attr (&mft->attr, mft);
|
||||
pa = find_attr (&mft->attr, GRUB_NTFS_AT_VOLUME_NAME);
|
||||
+
|
||||
+ if (pa >= mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
|
||||
+ goto fail;
|
||||
+ }
|
||||
+
|
||||
+ if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa < 0x16)
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
|
||||
+ goto fail;
|
||||
+ }
|
||||
+
|
||||
if ((pa) && (pa[8] == 0) && (u32at (pa, 0x10)))
|
||||
{
|
||||
int len;
|
||||
|
||||
len = u32at (pa, 0x10) / 2;
|
||||
pa += u16at (pa, 0x14);
|
||||
- *label = get_utf8 (pa, len);
|
||||
+ if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa >= 2 * len)
|
||||
+ *label = get_utf8 (pa, len);
|
||||
+ else
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
|
||||
}
|
||||
|
||||
fail:
|
||||
--
|
||||
cgit v1.1
|
||||
|
||||
From e58b870ff926415e23fc386af41ff81b2f588763 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:40:07 +0300
|
||||
Subject: fs/ntfs: Make code more readable
|
||||
|
||||
Move some calls used to access NTFS attribute header fields into
|
||||
functions with human-readable names.
|
||||
|
||||
Suggested-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 48 +++++++++++++++++++++++++++++++++---------------
|
||||
1 file changed, 33 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index ff5e374..de435aa 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -52,6 +52,24 @@ u64at (void *ptr, grub_size_t ofs)
|
||||
return grub_le_to_cpu64 (grub_get_unaligned64 ((char *) ptr + ofs));
|
||||
}
|
||||
|
||||
+static grub_uint16_t
|
||||
+first_attr_off (void *mft_buf_ptr)
|
||||
+{
|
||||
+ return u16at (mft_buf_ptr, 0x14);
|
||||
+}
|
||||
+
|
||||
+static grub_uint16_t
|
||||
+res_attr_data_off (void *res_attr_ptr)
|
||||
+{
|
||||
+ return u16at (res_attr_ptr, 0x14);
|
||||
+}
|
||||
+
|
||||
+static grub_uint32_t
|
||||
+res_attr_data_len (void *res_attr_ptr)
|
||||
+{
|
||||
+ return u32at (res_attr_ptr, 0x10);
|
||||
+}
|
||||
+
|
||||
grub_ntfscomp_func_t grub_ntfscomp_func;
|
||||
|
||||
static grub_err_t
|
||||
@@ -106,7 +124,7 @@ init_attr (struct grub_ntfs_attr *at, struct grub_ntfs_file *mft)
|
||||
{
|
||||
at->mft = mft;
|
||||
at->flags = (mft == &mft->data->mmft) ? GRUB_NTFS_AF_MMFT : 0;
|
||||
- at->attr_nxt = mft->buf + u16at (mft->buf, 0x14);
|
||||
+ at->attr_nxt = mft->buf + first_attr_off (mft->buf);
|
||||
at->attr_end = at->emft_buf = at->edat_buf = at->sbuf = NULL;
|
||||
}
|
||||
|
||||
@@ -154,7 +172,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
- new_pos = &at->emft_buf[u16at (at->emft_buf, 0x14)];
|
||||
+ new_pos = &at->emft_buf[first_attr_off (at->emft_buf)];
|
||||
while (*new_pos != 0xFF)
|
||||
{
|
||||
if ((*new_pos == *at->attr_cur)
|
||||
@@ -213,7 +231,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
}
|
||||
else
|
||||
{
|
||||
- at->attr_nxt = at->attr_end + u16at (pa, 0x14);
|
||||
+ at->attr_nxt = at->attr_end + res_attr_data_off (pa);
|
||||
at->attr_end = at->attr_end + u32at (pa, 4);
|
||||
pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
|
||||
}
|
||||
@@ -399,20 +417,20 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest,
|
||||
|
||||
if (pa[8] == 0)
|
||||
{
|
||||
- if (ofs + len > u32at (pa, 0x10))
|
||||
+ if (ofs + len > res_attr_data_len (pa))
|
||||
return grub_error (GRUB_ERR_BAD_FS, "read out of range");
|
||||
|
||||
- if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ if (res_attr_data_len (pa) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large");
|
||||
|
||||
if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
|
||||
|
||||
- if (u16at (pa, 0x14) + u32at (pa, 0x10) >
|
||||
+ if (res_attr_data_off (pa) + res_attr_data_len (pa) >
|
||||
(grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa)
|
||||
return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
|
||||
|
||||
- grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len);
|
||||
+ grub_memcpy (dest, pa + res_attr_data_off (pa) + ofs, len);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -556,7 +574,7 @@ init_file (struct grub_ntfs_file *mft, grub_uint64_t mftno)
|
||||
(unsigned long long) mftno);
|
||||
|
||||
if (!pa[8])
|
||||
- mft->size = u32at (pa, 0x10);
|
||||
+ mft->size = res_attr_data_len (pa);
|
||||
else
|
||||
mft->size = u64at (pa, 0x30);
|
||||
|
||||
@@ -805,7 +823,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
(u32at (cur_pos, 0x18) != 0x490024) ||
|
||||
(u32at (cur_pos, 0x1C) != 0x300033))
|
||||
continue;
|
||||
- cur_pos += u16at (cur_pos, 0x14);
|
||||
+ cur_pos += res_attr_data_off (cur_pos);
|
||||
if (*cur_pos != 0x30) /* Not filename index */
|
||||
continue;
|
||||
break;
|
||||
@@ -834,7 +852,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
{
|
||||
int is_resident = (cur_pos[8] == 0);
|
||||
|
||||
- bitmap_len = ((is_resident) ? u32at (cur_pos, 0x10) :
|
||||
+ bitmap_len = ((is_resident) ? res_attr_data_len (cur_pos) :
|
||||
u32at (cur_pos, 0x28));
|
||||
|
||||
bmp = grub_malloc (bitmap_len);
|
||||
@@ -855,14 +873,14 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
goto done;
|
||||
}
|
||||
|
||||
- if (u16at (cur_pos, 0x14) + u32at (cur_pos, 0x10) >
|
||||
+ if (res_attr_data_off (cur_pos) + res_attr_data_len (cur_pos) >
|
||||
(grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) cur_pos)
|
||||
{
|
||||
grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
|
||||
goto done;
|
||||
}
|
||||
|
||||
- grub_memcpy (bmp, cur_pos + u16at (cur_pos, 0x14),
|
||||
+ grub_memcpy (bmp, cur_pos + res_attr_data_off (cur_pos),
|
||||
bitmap_len);
|
||||
}
|
||||
else
|
||||
@@ -1226,12 +1244,12 @@ grub_ntfs_label (grub_device_t device, char **label)
|
||||
goto fail;
|
||||
}
|
||||
|
||||
- if ((pa) && (pa[8] == 0) && (u32at (pa, 0x10)))
|
||||
+ if ((pa) && (pa[8] == 0) && (res_attr_data_len (pa)))
|
||||
{
|
||||
int len;
|
||||
|
||||
- len = u32at (pa, 0x10) / 2;
|
||||
- pa += u16at (pa, 0x14);
|
||||
+ len = res_attr_data_len (pa) / 2;
|
||||
+ pa += res_attr_data_off (pa);
|
||||
if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa >= 2 * len)
|
||||
*label = get_utf8 (pa, len);
|
||||
else
|
||||
--
|
||||
cgit v1.1
|
|
@ -22,9 +22,9 @@ pkgdesc='GNU GRand Unified Bootloader (2)'
|
|||
epoch=2
|
||||
_tag='bb59f566e1e5c387dbfd342bb3767f761422c744' # git rev-parse grub-${_pkgver}
|
||||
_pkgver=2.12rc1
|
||||
_unifont_ver='15.0.06'
|
||||
_unifont_ver='15.1.02'
|
||||
pkgver=${_pkgver/-/}
|
||||
pkgrel=01
|
||||
pkgrel=03
|
||||
url='https://www.gnu.org/software/grub/'
|
||||
backup=('etc/default/grub'
|
||||
'etc/grub.d/40_custom')
|
||||
|
@ -59,6 +59,7 @@ source=("git+https://git.savannah.gnu.org/git/grub.git#tag=${_tag}?signed"
|
|||
'0001-00_header-add-GRUB_COLOR_-variables.patch'
|
||||
'0002-10_linux-detect-archlinux-initramfs.patch'
|
||||
'0003-support-dropins-for-default-configuration.patch'
|
||||
'0004-ntfs-module-security.patch'
|
||||
'grub.default'
|
||||
'grub.default.run'
|
||||
'grub.default.66'
|
||||
|
@ -121,6 +122,9 @@ prepare() {
|
|||
echo "Patch to support dropins for default configuration..."
|
||||
patch -Np1 -i "${srcdir}/0003-support-dropins-for-default-configuration.patch"
|
||||
|
||||
echo "Patch to fix ntfs module security vulnerabilities"
|
||||
patch -Np1 -i "${srcdir}/0004-ntfs-module-security.patch"
|
||||
|
||||
echo "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme..."
|
||||
sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "configure.ac"
|
||||
|
||||
|
@ -326,19 +330,21 @@ validpgpkeys=('E53D497F3FA42AD8C9B4D1E835A93B74E82E4209' # Vladimir 'phcoder' S
|
|||
|
||||
sha256sums=(SKIP
|
||||
SKIP
|
||||
93cb54fa103a00e25cd3e16550b4b4eb13cbd098e515679ade3ae82cd0739f29 # unifont-15.0.06.bdf.gz
|
||||
d968cdf6eefdc2fd6f17515e559a76f513d5edec4e9a495b935d0f285cb69bc8 # unifont-15.0.06.bdf.gz.sig
|
||||
912834ab9cd372f300541894615f910af4db82477c91b236674057eadfc76429 # unifont-15.1.02.bdf.gz
|
||||
f5d0b76b9d5462411b90cb3bbfa33d15bdf58cb89aa8b6d53eb2fbf0d4f4633c # unifont-15.1.02.bdf.gz.sig
|
||||
5dee6628c48eef79812bb9e86ee772068d85e7fcebbd2b2b8d1e19d24eda9dab # 0001-00_header-add-GRUB_COLOR_-variables.patch
|
||||
8488aec30a93e8fe66c23ef8c23aefda39c38389530e9e73ba3fbcc8315d244d # 0002-10_linux-detect-archlinux-initramfs.patch
|
||||
b5d9fcd62ffb3c3950fdeb7089ec2dc2294ac52e9861980ad90a437dedbd3d47 # 0003-support-dropins-for-default-configuration.patch
|
||||
4bdd5ceb13dbd4c41fde24163f16a0ba05447d821e74d938a0b9e5fce0431140 # 0004-ntfs-module-security.patch
|
||||
83f99850b6c751d0a7bd3e6b9f1808a0c05962cdd1cd8f57cbbd63f1a3379c96 # grub.default
|
||||
83f99850b6c751d0a7bd3e6b9f1808a0c05962cdd1cd8f57cbbd63f1a3379c96 # grub.default.run
|
||||
adad61d98de32e241a1cf55a166699de449533fa16e15e97a326515f80639ef7 # grub.default.66
|
||||
98b23d41e223bdc0a6e20bdcb3aa77e642f29b64081b1fd2f575314172fc89df) # sbat.csv
|
||||
|
||||
# Note to packager:
|
||||
ls -l *pkg.tar.lz
|
||||
echo "you must rename this package to meet SF naming before you move to the repo"
|
||||
mv $(ls -l $pkgname*pkg.tar.lz) $pkgname-$epoch_$pkgver-$pkgrel-$arch.pkg.tar.lz >pkg-mv.log
|
||||
#ls -l *pkg.tar.lz
|
||||
#echo "you must rename this package to meet SF naming before you move to the repo"
|
||||
#mv $(ls -l $pkgname*pkg.tar.lz) $pkgname-$epoch_$pkgver-$pkgrel-$arch.pkg.tar.lz >pkg-mv.log
|
||||
|
||||
## 95ee50a5c5d266d576dda6dbf10a3ae1395599bb1bf4ae59263f0217c41f281b grub-2:2.12rc1-03-x86_64.pkg.tar.lz
|
||||
|
||||
## be47ba937340775e8fa7b66ac004d95139101db47cd74b79391103bf8635d494 grub-2:2.12rc1-01-x86_64.pkg.tar.lz
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Maintainer : Christian Hesse <mail@eworm.de>
|
||||
# Maintainer : Ronald van Haren <ronald.archlinux.org>
|
||||
# Contributor: Tobias Powalowski <tpowa@archlinux.org>
|
||||
# Maintainer : Tobias Powalowski <tpowa@archlinux.org>
|
||||
# Contributor: Ronald van Haren <ronald.archlinux.org>
|
||||
# Contributor: Keshav Amburay <(the ddoott ridikulus ddoott rat) (aatt) (gemmaeiil) (ddoott) (ccoomm)>
|
||||
|
||||
## "1" to enable IA32-EFI build in Arch x86_64, "0" to disable
|
||||
|
@ -20,9 +20,9 @@ pkgdesc='GNU GRand Unified Bootloader (2)'
|
|||
epoch=2
|
||||
_tag='bb59f566e1e5c387dbfd342bb3767f761422c744' # git rev-parse grub-${_pkgver}
|
||||
_pkgver=2.12rc1
|
||||
_unifont_ver='15.0.06'
|
||||
_unifont_ver='15.1.02'
|
||||
pkgver=${_pkgver/-/}
|
||||
pkgrel=1
|
||||
pkgrel=3
|
||||
url='https://www.gnu.org/software/grub/'
|
||||
arch=('x86_64')
|
||||
license=('GPL3')
|
||||
|
@ -63,16 +63,18 @@ source=("git+https://git.savannah.gnu.org/git/grub.git#tag=${_tag}?signed"
|
|||
'0001-00_header-add-GRUB_COLOR_-variables.patch'
|
||||
'0002-10_linux-detect-archlinux-initramfs.patch'
|
||||
'0003-support-dropins-for-default-configuration.patch'
|
||||
'0004-ntfs-module-security.patch'
|
||||
'grub.default'
|
||||
'sbat.csv')
|
||||
|
||||
sha256sums=('SKIP'
|
||||
'SKIP'
|
||||
'93cb54fa103a00e25cd3e16550b4b4eb13cbd098e515679ade3ae82cd0739f29'
|
||||
'912834ab9cd372f300541894615f910af4db82477c91b236674057eadfc76429'
|
||||
'SKIP'
|
||||
'5dee6628c48eef79812bb9e86ee772068d85e7fcebbd2b2b8d1e19d24eda9dab'
|
||||
'8488aec30a93e8fe66c23ef8c23aefda39c38389530e9e73ba3fbcc8315d244d'
|
||||
'b5d9fcd62ffb3c3950fdeb7089ec2dc2294ac52e9861980ad90a437dedbd3d47'
|
||||
'4bdd5ceb13dbd4c41fde24163f16a0ba05447d821e74d938a0b9e5fce0431140'
|
||||
'7df3f5cb5df7d2dfb17f4c9b5c5dedc9519ddce6f8d2c6cd43d1be17cecb65cb'
|
||||
'98b23d41e223bdc0a6e20bdcb3aa77e642f29b64081b1fd2f575314172fc89df')
|
||||
|
||||
|
@ -131,6 +133,10 @@ prepare() {
|
|||
|
||||
echo "Patch to support dropins for default configuration..."
|
||||
patch -Np1 -i "${srcdir}/0003-support-dropins-for-default-configuration.patch"
|
||||
|
||||
echo "Patch to fix ntfs module security vulnerabilities"
|
||||
patch -Np1 -i "${srcdir}/0004-ntfs-module-security.patch"
|
||||
|
||||
echo "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme..."
|
||||
sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "configure.ac"
|
||||
|
||||
|
|
|
@ -15,3 +15,4 @@ bison
|
|||
os-prober
|
||||
|
||||
|
||||
graphite
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
#-----------------------------------------| DESCRIPTION |---------------------------------------
|
||||
|
||||
pkgname=hwdata
|
||||
pkgver=0.374
|
||||
pkgver=0.375
|
||||
pkgrel=01
|
||||
pkgdesc="hardware identification databases"
|
||||
makedepends=('git')
|
||||
|
@ -31,10 +31,10 @@ package() {
|
|||
|
||||
arch=(x86_64)
|
||||
|
||||
license=('GPL2')
|
||||
license=('GPL2-or-later')
|
||||
|
||||
validpgpkeys=('3C40194FB79138CE0F78FD4919C2F062574F5403') # Vitezslav Crhonek
|
||||
|
||||
sha256sums=(SKIP)
|
||||
|
||||
## 4e98a766025075bf73ae6220051389e236787eaf98451ace35c608101e8b0800 hwdata-0.374-01-x86_64.pkg.tar.lz
|
||||
## cb9b58c77b27f2fbd49855d1314c4dbbb92ee11d1238a551c5ba53fe76dc853a hwdata-0.375-01-x86_64.pkg.tar.lz
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
|
||||
pkgname=hwdata
|
||||
pkgver=0.374
|
||||
pkgver=0.375
|
||||
pkgrel=1
|
||||
pkgdesc="hardware identification databases"
|
||||
makedepends=('git')
|
||||
replaces=('hwids')
|
||||
url=https://github.com/vcrhonek/hwdata
|
||||
license=('GPL2')
|
||||
license=('GPL2-or-later')
|
||||
arch=('any')
|
||||
source=("git+https://github.com/vcrhonek/hwdata.git#tag=v${pkgver}?signed")
|
||||
validpgpkeys=('3C40194FB79138CE0F78FD4919C2F062574F5403') # Vitezslav Crhonek
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
git
|
||||
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue