Hi,
I've given this module a quick review - it looks ok for including in the
EFI image. I only have one small note on the while loop in
grub_smbios_match_structure, which I made because I thought it looked a
bit suspicious:
while (ptr < table_end
&& ptr[1] >= 4 /* Valid structures include the 4-byte header. */
&& (structure_count++ < structures || structures == 0))
{
grub_uint16_t structure_handle = grub_get_unaligned16 (ptr + 2);
... the "ptr < table_end" condition isn't completely sufficient to
prevent reads beyond table_end because it reads the size field (ptr[1]
>= 4) and the handle (grub_get_unaligned (ptr + 2)) even when this
condition is true. But I don't think there's a real issue here as it
would require a broken smbios implementation to end up in the situation
where ptr is close enough to table_end to cause a read beyond the end of
it inside the loop.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1856424
Title:
please add smbios module to the signed grub2 images
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1856424/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
