Print this page
3027 installgrub can segfault when encountering bogus data on disk

@@ -113,21 +113,10 @@
         bblk_einfo_t            *einfo;
         uint32_t                cksum;
 
         assert(extra != NULL);
 
-        ext_header = (bb_header_ext_t *)extra;
-        cksum = compute_checksum(extra + sizeof (bb_header_ext_t),
-            ext_header->size);
-        BOOT_DEBUG("Extended information header checksum is %x\n", cksum);
-
-        if (cksum != ext_header->checksum) {
-                BOOT_DEBUG("Unable to find extended versioning information, "
-                    "data looks corrupted\n");
-                return (NULL);
-        }
-
         /*
          * Currently we only have one extra header so it must be encapsulating
          * the extended information structure.
          */
         einfo = (bblk_einfo_t *)(extra + sizeof (bb_header_ext_t));

@@ -136,10 +125,21 @@
                     "information, wrong magic identifier\n");
                 BOOT_DEBUG("Found %s, expected %s\n", einfo->magic,
                     EINFO_MAGIC);
                 return (NULL);
         }
+
+        ext_header = (bb_header_ext_t *)extra;
+        cksum = compute_checksum(extra + sizeof (bb_header_ext_t),
+            ext_header->size);
+        BOOT_DEBUG("Extended information header checksum is %x\n", cksum);
+
+        if (cksum != ext_header->checksum) {
+                BOOT_DEBUG("Unable to find extended versioning information, "
+                    "data looks corrupted\n");
+                return (NULL);
+        }
 
         return (einfo);
 }
 
 /*