meta/recipes-bsp/grub/files/CVE-2015-8370.patch - stefanberger/openbmc - Gitiles

 From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001
 From: Hector Marco-Gisbert <hecmargi@upv.es>
 Date: Wed, 16 Dec 2015 07:57:18 +0300
 Subject: [PATCH] Fix security issue when reading username and password

 This patch fixes two integer underflows at:
   * grub-core/lib/crypto.c
   * grub-core/normal/auth.c

 CVE-2015-8370

 Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
 Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
 Also-By: Andrey Borzenkov <arvidjaar@gmail.com>

 Upstream-Status: Backport

 http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2

 CVE: CVE-2015-8370
 Signed-off-by: Armin Kuster <akuster@mvista.com>

 ---
  grub-core/lib/crypto.c  | 3 ++-
  grub-core/normal/auth.c | 7 +++++--
  2 files changed, 7 insertions(+), 3 deletions(-)

 Index: git/grub-core/lib/crypto.c
 ===================================================================
 --- git.orig/grub-core/lib/crypto.c
 +++ git/grub-core/lib/crypto.c
 @@ -458,7 +458,8 @@ grub_password_get (char buf[], unsigned

        if (key == '\b')
  	{
 -	  cur_len--;
 +	  if (cur_len)
 +	    cur_len--;
  	  continue;
  	}

 Index: git/grub-core/normal/auth.c
 ===================================================================
 --- git.orig/grub-core/normal/auth.c
 +++ git/grub-core/normal/auth.c
 @@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned

        if (key == '\b')
  	{
 -	  cur_len--;
 -	  grub_printf ("\b");
 +	  if (cur_len)
 +	    {
 +	      cur_len--;
 +	      grub_printf ("\b");
 +	    }
  	  continue;
  	}
	From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001
	From: Hector Marco-Gisbert <hecmargi@upv.es>
	Date: Wed, 16 Dec 2015 07:57:18 +0300
	Subject: [PATCH] Fix security issue when reading username and password

	This patch fixes two integer underflows at:
	* grub-core/lib/crypto.c
	* grub-core/normal/auth.c

	CVE-2015-8370

	Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
	Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
	Also-By: Andrey Borzenkov <arvidjaar@gmail.com>

	Upstream-Status: Backport

	http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2

	CVE: CVE-2015-8370
	Signed-off-by: Armin Kuster <akuster@mvista.com>

	---
	grub-core/lib/crypto.c \| 3 ++-
	grub-core/normal/auth.c \| 7 +++++--
	2 files changed, 7 insertions(+), 3 deletions(-)

	Index: git/grub-core/lib/crypto.c
	===================================================================
	--- git.orig/grub-core/lib/crypto.c
	+++ git/grub-core/lib/crypto.c
	@@ -458,7 +458,8 @@ grub_password_get (char buf[], unsigned

	if (key == '\b')
	{
	- cur_len--;
	+ if (cur_len)
	+ cur_len--;
	continue;
	}

	Index: git/grub-core/normal/auth.c
	===================================================================
	--- git.orig/grub-core/normal/auth.c
	+++ git/grub-core/normal/auth.c
	@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned

	if (key == '\b')
	{
	- cur_len--;
	- grub_printf ("\b");
	+ if (cur_len)
	+ {
	+ cur_len--;
	+ grub_printf ("\b");
	+ }
	continue;
	}