Your message dated Sat, 16 Aug 2025 15:55:37 -0400 (EDT)
with message-id <[email protected]>
and subject line Bug#1110934: Removed package(s) from unstable
has caused the Debian Bug report #249701,
regarding runtime checks before jumping into bootstrapped code
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
249701: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=249701
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: grub
Version: 0.94+cvs20040429-1
Severity: normal
Tags: patch
I'd like to suggest that GRUB do a small sanity check at runtime prior
to loading important sectors and jumping into them. Specifically,
check for magic values when loading the first sector of stage 1.5 or
stage 2, and also when loading the remaining sectors.
This will reduce the chances of GRUB jumping into unknown code when
installation mistakes or other problems cause it to load random data.
e.g. BIOS bugs passing in the wrong drive making it load sectors
from the wrong place, etc.
Would like to offer the following patch to do it, though I'm
afraid it's ugly and shortens an existing error message in order to
squeeze one of the checks into the first sector.
If it helps, be happy to also submit a patch to update the
documentation about the error messages.
Regards,
-kb
diff -ur grub-0.94.orig/stage1/stage1.S grub-0.94/stage1/stage1.S
--- grub-0.94.orig/stage1/stage1.S Sat Mar 27 09:02:53 2004
+++ grub-0.94/stage1/stage1.S Tue May 18 13:50:00 2004
@@ -361,6 +361,10 @@
movsw
popw %ds
+ movw ABS(stage2_address), %bp
+ cmpw $S2_OPCODE_MAGIC, (%bp)
+ jne stage2_notfound_error
+
popa
/* boot stage2 */
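Review bot: The memory operand in `cmpw $S2_OPCODE_MAGIC, (%bp)` is addressed through %bp, which in 16-bit addressing defaults to the %ss segment rather than %ds, so the check reads the intended bytes only if %ss matches the segment that `stage2_address` is relative to at this point. Either state that assumption in a comment next to the compare or use a %ds-relative register. The `jne stage2_notfound_error` is also taken before `popa`, so the error path runs with the saved register frame still on the stack, which is acceptable only as long as `general_error` never returns.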
@@ -383,6 +387,14 @@
jmp general_error
/*
+ * Didn't find magic bytes at the start of
+ * stage 1.5/2
+ */
+stage2_notfound_error:
+ MSG(stage2_notfound_string)
+ jmp general_error
+
+/*
* Read error on the disk.
*/
read_error:
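Review bot: The label `stage2_notfound_error` describes a "not found" condition, but the branch that reaches it is a signature mismatch on data that was already read, and the comment above the label says it applies to stage 1.5 as well as stage 2. A name such as `bad_magic_error`, with the comment saying which bytes were compared, would describe the failure more accurately for whoever debugs it later.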
@@ -396,8 +408,9 @@
notification_string: .string "GRUB "
geometry_error_string: .string "Geom"
-hd_probe_error_string: .string "Hard Disk"
+hd_probe_error_string: .string "HDsk"
read_error_string: .string "Read"
+stage2_notfound_string: .string "S2"
general_error_string: .string " Error"
/*
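Review bot: Documentation is missing for the string changes in this hunk: `hd_probe_error_string` changes from "Hard Disk" to "HDsk", which alters an existing user-visible message, and the new `stage2_notfound_string` prints only "S2 Error". Both need an entry in the error message documentation in the same patch, since a user who sees "HDsk Error" or "S2 Error" on a machine that does not boot has nothing else to search for.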
diff -ur grub-0.94.orig/stage1/stage1.h grub-0.94/stage1/stage1.h
--- grub-0.94.orig/stage1/stage1.h Sat Mar 27 09:02:53 2004
+++ grub-0.94/stage1/stage1.h Tue May 18 13:49:47 2004
@@ -83,4 +83,9 @@
/* The drive number of an invalid drive. */
#define GRUB_INVALID_DRIVE 0xFF
+/* First couple opcodes in stage1.5/2 checked by stage1 before loading */
+#define PUSHW_DX 0x52
+#define PUSHW_SI 0x56
+#define S2_OPCODE_MAGIC (PUSHW_SI<<8|PUSHW_DX)
+
#endif /* ! STAGE1_HEADER */
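Review bot: The comment on the new defines says the opcodes are checked "before loading", but the compare in stage1.S runs on bytes that are already in memory, so it should read "before jumping". In `S2_OPCODE_MAGIC` the expression works only because `<<` binds tighter than `|`; write it as `((PUSHW_SI << 8) | PUSHW_DX)` and add a note that the byte order relies on a little-endian word compare placing PUSHW_DX first.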
diff -ur grub-0.94.orig/stage2/start.S grub-0.94/stage2/start.S
--- grub-0.94.orig/stage2/start.S Sun Dec 30 00:23:16 2001
+++ grub-0.94/stage2/start.S Tue May 18 13:53:39 2004
@@ -63,10 +63,13 @@
*/
/* save drive reference first thing! */
- pushw %dx
+ .byte PUSHW_DX /* use constant just to ensure any change
+ is propagated to the sanity check
+ in stage1.S which verifies this
+ opcode is present before jumping here */
/* print a notification message on the screen */
- pushw %si
+ .byte PUSHW_SI /* use constant just to ...see above */
MSG(notification_string)
popw %si
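Review bot: The `.byte PUSHW_DX` and `.byte PUSHW_SI` lines depend on the constants added to stage1/stage1.h, and this hunk does not show start.S including that header, so confirm it is already included or add the include here. Replacing the mnemonics with raw bytes also hides what the instructions are; keep them visible in the comment, for example `.byte PUSHW_DX /* pushw %dx */`, so a reader does not have to decode 0x52 and 0x56.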
@@ -309,6 +312,15 @@
/* END OF MAIN LOOP */
bootit:
+ /* Sanity check we have a reasonable sector */
+#ifdef STAGE1_5
+ movw 0x2206, %dx
+#else /* ! STAGE1_5 */
+ movw 0x8206, %dx
+#endif /* ! STAGE1_5 */
+ cmpw $COMPAT_VERSION, %dx
+ jne bad_stage2_error
+
/* print a newline */
MSG(notification_done)
popw %dx /* this makes sure %dl is our "boot" drive */
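Review bot: The addresses in `movw 0x2206, %dx` and `movw 0x8206, %dx` are bare literals with no named constant or comment tying them to the load address and the offset of the version field, so a layout change would make this check silently compare the wrong word. Define them symbolically next to the constants they depend on and say in the comment which field is being read. The load into %dx is also unnecessary, since `cmpw $COMPAT_VERSION, <address>` can compare against memory directly.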
@@ -327,6 +339,12 @@
jmp general_error
/*
+ * Rest of stage1.5/2 doesn't have the expected magic value
+ */
+bad_stage2_error:
+ MSG(bad_stage2_error_string)
+ jmp general_error
+/*
* Read error on the disk.
*/
read_error:
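Review bot: Style point at the end of the added block: `jmp general_error` is followed immediately by `/*` with no blank line, whereas the matching handler added to stage1.S leaves one. Add the blank line so the two handlers are formatted the same way.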
@@ -348,6 +366,7 @@
notification_done: .string "\r\n"
geometry_error_string: .string "Geom"
+bad_stage2_error_string:.string "Header"
read_error_string: .string "Read"
general_error_string: .string " Error"
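Review bot: In `bad_stage2_error_string:.string "Header"` there is no whitespace between the colon and `.string`, unlike every neighbouring definition; add it for consistency. The resulting "Header Error" message also needs an entry in the error message documentation, because the text alone does not tell the user that the remaining stage 1.5/2 sectors failed the version check.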
--- End Message ---
--- Begin Message ---
Apologies; this wasn't sent as part of the dak rm action. I'm doing
this by hand. Since this was manual, this opens the chance for me taking
action by mistake.
I got the list of bugs via UDD, and am closing via -close on BCC. I spot
checked about 10 of the bugs, and they're all src:grub. The COUNT
matches the tracker page, so I'm sending this.
If I have closed a bug that's not about bin:grub or src:grub, please do
re-open the bug.
paultag
We believe that the bug you reported is now fixed; the following
package(s) have been removed from unstable:
grub | 0.97-84 | source
grub-legacy | 0.97-84 | amd64, i386
------------------- Reason -------------------
ROM; dead upstream, replaced by grub2
----------------------------------------------
Note that the package(s) have simply been removed from the tag
database and may (or may not) still be in the pool; this is not a bug.
The package(s) will be physically removed automatically when no suite
references them (and in the case of source, when no binary references
it). Please also remember that the changes have been done on the
master archive and will not propagate to any mirrors until the next
dinstall run at the earliest.
Packages are usually not removed from testing by hand. Testing tracks
unstable and will automatically remove packages which were removed
from unstable when removing them from testing causes no dependency
problems. The release team can force a removal from testing if it is
really needed, please contact them if this should be the case.
We try to close bugs which have been reported against this package
automatically. But please check all old bugs, if they were closed
correctly or should have been re-assigned to another package.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected].
The full log for this bug can be viewed at https://bugs.debian.org/1110934
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].
Debian distribution maintenance software
pp.
Paul Tagliamonte (the ftpmaster behind the curtain)
--- End Message ---