Bug#1100470: Segfault with NTFS CVE fixes
Felix Zielcke
fzielcke at z-51.de
Sat Mar 15 07:54:29 GMT 2025
Hi,
on Debian we got a bug report with a segfault in grub-mount when we
added the CVE fixes to it:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100470
It crashes on all 3 Windows NTFS Partitions with this:
Program received signal SIGSEGV, Segmentation fault.
Download failed: Invalid argument. Continuing without source file
./obj/grub-pc/../../grub-core/fs/ntfs.c.
0x000055555557de34 in find_attr (at=at at entry=0x555555694ea0,
attr=attr at entry=128 '\200') at ../../grub-core/fs/ntfs.c:390
warning: 390 ../../grub-core/fs/ntfs.c: No such file or directory
Line 390 is the same AFAICS on upstream grub.git and Debian packaging:
while (at->attr_cur < mft_end && *at->attr_cur != 0xFF)
I don't know what is special on their NTFS partitions. I can't
reproduce this with my own dual-boot system.
More information about the Pkg-grub-devel
mailing list