diff --git a/20000-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch b/20000-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch
new file mode 100644
index 0000000..93bbe53
--- /dev/null
+++ b/20000-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch
@@ -0,0 +1,38 @@
+From 725f07ed1e4e18836f54a0a798a8b1e720fae783 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek
+Date: Mon, 21 Nov 2016 15:34:00 +0100
+Subject: [PATCH] efi/chainloader: fix wrong sanity check in relocate_coff()
+
+In relocate_coff(), the relocation entries are parsed from the original
+image (not the section-wise copied image). The original image is
+pointed-to by the "orig" pointer. The current check
+
+ (void *)reloc_end < data
+
+compares the addresses of independent memory allocations. "data" is a typo
+here, it should be "orig".
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1347291
+Signed-off-by: Laszlo Ersek
+Tested-by: Bogdan Costescu
+Tested-by: Juan Orti
+---
+ grub-core/loader/efi/chainloader.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
+index 49a7662fa605..1bd7ffb3160e 100644
+--- a/grub-core/loader/efi/chainloader.c
++++ b/grub-core/loader/efi/chainloader.c
+@@ -397,7 +397,7 @@ relocate_coff (pe_coff_loader_image_context_t *context,
+ reloc_end = (struct grub_pe32_fixup_block *)
+ ((char *)reloc_base + reloc_base->size);
+
+- if ((void *)reloc_end < data || (void *)reloc_end > image_end)
++ if ((void *)reloc_end < orig || (void *)reloc_end > image_end)
+ {
+ grub_error (GRUB_ERR_BAD_ARGUMENT, "Reloc entry %d overflows binary",
+ n);
+--
+2.9.2
+
diff --git a/grub2.spec b/grub2.spec
index 4458ffd..47973db 100644
--- a/grub2.spec
+++ b/grub2.spec
@@ -45,7 +45,7 @@ Name: grub2 Epoch: 1 Version: 2.02 -Release: 0.34%{?dist} +Release: 0.35%{?dist} Summary: Bootloader with support for Linux, Multiboot and more Group: System Environment/Base 
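Review bot: The corrected lower bound `(void *)reloc_end < orig` in the embedded chainloader.c hunk still only catches a `reloc_end` that has wrapped below the image; as far as the hunk shows, `reloc_base->size` is read from the image being chainloaded and added to the pointer before any bound is applied. A block size of zero, or one smaller than the fixup block header, passes both comparisons, so unless relocate_coff() rejects those elsewhere (its body starts and ends outside the hunk) I would validate the size before forming `reloc_end`, e.g. `if (reloc_base->size < sizeof (*reloc_base) || reloc_base->size > (grub_size_t) ((char *) image_end - (char *) reloc_base))`. Checking the length rather than the resulting pointer also avoids depending on out-of-range pointer arithmetic, which is undefined in C and may not compare the way the check expects.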
@@ -72,6 +72,12 @@ Patch10004: 10004-Add-grub_qdprintf-grub_dprintf-without-the-file-lin.patch Patch10005: 10005-Make-a-gdb-dprintf-that-tells-us-load-addresses.patch #Patch10006: 10006-Try-it-in-gentpl-again.patch +# This is: https://bugzilla.redhat.com/attachment.cgi?id=1222471 +# From: https://bugzilla.redhat.com/show_bug.cgi?id=1347291 +# Patch by Laszlo Ersek to fix a bad sanity check which causes issues +# with UEFI Windows dual boot. Should be sent upstream. +Patch20000: 20000-efi-chainloader-fix-wrong-sanity-check-in-relocate_c.patch + BuildRequires: flex bison binutils python BuildRequires: ncurses-devel xz-devel bzip2-devel BuildRequires: freetype-devel libusb-devel @@ -547,6 +553,8 @@ fi %changelog * Thu Dec 01 2016 Peter Jones - 2.02-0.34 - Fix power6 makefile bits for newer autoconf defaults. +- efi/chainloader: fix wrong sanity check in relocate_coff() (Laszlo Ersek) + Resolves: rhbz#1347291 * Thu Aug 25 2016 Peter Jones - 2.02-0.34 - Update to be newer than f24's branch.
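Review bot: The two changelog lines for this patch are appended under the existing `* Thu Dec 01 2016 Peter Jones - 2.02-0.34` heading, while the first grub2.spec hunk moves `Release` to `0.35%{?dist}`, so the newest changelog entry no longer names the release being built. That makes it harder to tell from the package changelog which build first carries the rhbz#1347291 fix. I would open a new entry for it, for example `* <build date> <packager> - 2.02-0.35`, and move the two added lines there. Separately, the comment above `Patch20000:` says the patch should be sent upstream; adding a link to the upstream submission once it exists would make it clear when the downstream patch can be dropped.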