Print this page
3027 installgrub can segfault when encountering bogus data on disk
*** 401,411 ****
device_path);
retval = BC_NOEINFO;
goto out_dev;
}
! einfo = find_einfo(stage2->extra);
if (einfo == NULL) {
retval = BC_NOEINFO;
(void) fprintf(stderr, gettext("No extended information "
"found\n"));
goto out_dev;
--- 401,411 ----
device_path);
retval = BC_NOEINFO;
goto out_dev;
}
! einfo = find_einfo(stage2->extra, stage2->extra_size);
if (einfo == NULL) {
retval = BC_NOEINFO;
(void) fprintf(stderr, gettext("No extended information "
"found\n"));
goto out_dev;
*** 499,509 ****
"stage2\n", curr_device->path);
retval = BC_NOEXTRA;
goto out_devs;
}
! einfo_curr = find_einfo(stage2_curr->extra);
if (einfo_curr != NULL)
updt_str = einfo_get_string(einfo_curr);
write_mbr = B_TRUE;
force_mbr = B_TRUE;
--- 499,509 ----
"stage2\n", curr_device->path);
retval = BC_NOEXTRA;
goto out_devs;
}
! einfo_curr = find_einfo(stage2_curr->extra, stage2_curr->extra_size);
if (einfo_curr != NULL)
updt_str = einfo_get_string(einfo_curr);
write_mbr = B_TRUE;
force_mbr = B_TRUE;
*** 1219,1228 ****
--- 1219,1229 ----
stage2->file = stage2->buf;
stage2->file_size = size;
stage2->mboot_off = mboot_off;
stage2->mboot = (multiboot_header_t *)(stage2->buf + stage2->mboot_off);
stage2->extra = stage2->buf + P2ROUNDUP(stage2->file_size, 8);
+ stage2->extra_size = stage2->buf_size - P2ROUNDUP(stage2->file_size, 8);
return (BC_SUCCESS);
}
static boolean_t
*** 1249,1259 ****
/*
* Look for the extended information structure in the extra payload
* area.
*/
! einfo = find_einfo(stage2_disk.extra);
if (einfo == NULL) {
BOOT_DEBUG("No extended information available\n");
return (B_TRUE);
}
--- 1250,1260 ----
/*
* Look for the extended information structure in the extra payload
* area.
*/
! einfo = find_einfo(stage2_disk.extra, stage2_disk.extra_size);
if (einfo == NULL) {
BOOT_DEBUG("No extended information available\n");
return (B_TRUE);
}