From 0415dbe28f3dc3520b70745b3bd78073f094fb4d Mon Sep 17 00:00:00 2001
From: Andrei Borzenkov <arvidjaar@gmail.com>
Date: Fri, 28 Nov 2014 20:45:27 +0300
Subject: [PATCH 119/506] grub-install-common: avoid out of bound access when
read failed
Check that modinfo.sh could be read successfully; abort on error. Avoids
potential out-of-bound array access.
CID: 73819
---
ChangeLog | 2 ++
util/grub-install-common.c | 2 ++
2 files changed, 4 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 930ceb2..e46b999 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
2014-11-28 Andrei Borzenkov <arvidjaar@gmail.com>
+ * util/grub-install-common.c (grub_install_get_target): Check return
+ value of grub_util_fd_read (Coverity CID 73819).
* util/grub-mkstandalone.c (add_tar_file): Fix out of bound access
to hd.magic (Coverity CID 73587, 73888, bug 43690).
diff --git a/util/grub-install-common.c b/util/grub-install-common.c
index c8bedcb..4b5d4d4 100644
--- a/util/grub-install-common.c
+++ b/util/grub-install-common.c
@@ -911,6 +911,8 @@ grub_install_get_target (const char *src)
grub_util_error (_("%s doesn't exist. Please specify --target or --directory"),
fn);
r = grub_util_fd_read (f, buf, sizeof (buf) - 1);
+ if (r < 0)
+ grub_util_error (_("cannot read `%s': %s"), fn, strerror (errno));
grub_util_fd_close (f);
buf[r] = '\0';
c = strstr (buf, "grub_modinfo_target_cpu=");
--
2.4.3