Bug#423409: double free() with grub-probe
Jeroen Dekkers
jeroen at vrijschrift.org
Thu May 17 19:19:53 UTC 2007
At Thu, 17 May 2007 11:58:54 +0200,
Marco Gerards wrote:
> Hi Robert,
>
> > We got this bug report from Debian BTS. It seems to be related to LVM.
> >
> > The argc address in last line looks very suspicious; stack corruption?
>
> Can you try valgrind? The older valgrinds didn't work with GRUB 2,
> but the newer ones do.
I could reproduce this on one of my machines and ran it through
valgrind. I've just committed a fix to the grub2 CVS repository (as
well as another memory bug valgrind spotted). A copy of the patch is
below.
Jeroen Dekkers
Index: kern/disk.c
===================================================================
RCS file: /cvsroot/grub/grub2/kern/disk.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -p -r1.17 -r1.18
--- kern/disk.c 10 Nov 2006 23:31:55 -0000 1.17
+++ kern/disk.c 17 May 2007 19:03:42 -0000 1.18
@@ -1,6 +1,6 @@
/*
* GRUB -- GRand Unified Bootloader
- * Copyright (C) 2002,2003,2004,2006 Free Software Foundation, Inc.
+ * Copyright (C) 2002,2003,2004,2006,2007 Free Software Foundation, Inc.
*
* GRUB is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -414,6 +414,8 @@ grub_disk_read (grub_disk_t disk, grub_d
num = ((size + GRUB_DISK_SECTOR_SIZE - 1)
>> GRUB_DISK_SECTOR_BITS);
+
+ tmp_buf = grub_realloc (tmp_buf, num << GRUB_DISK_SECTOR_BITS);
if ((disk->dev->read) (disk, sector, num, tmp_buf))
{
grub_error_push ();
============================================================
More information about the Pkg-grub-devel
mailing list