Yoshinori K. Okuji wrote:
On Wednesday 22 June 2005 23:13, Vincent Guffens wrote:

I have prepared a small web page with some details as it is a little bit
long to explain here. See it there if you want more information:

http://www.auto.ucl.ac.be/~guffens/grub2_netboot/free_magic_broken.html


Thank you very much for your analysis! I finally understood what's wrong, and checked in a fix (a bit different from yours). I guess it was very hard to find how to reproduce this bug.

Okuji

Yes, it was good fun (and a long night)! I managed to post a wrong test version yesterday. In the test program, this is not

grub_malloc(base->first->size*(16-1));

but

grub_malloc(base->first->size*16-16);

Although it turns out to be equivalent as far as the bug is concerned, in this particular example.

It is good to have that nasty one behind!



--
                                Vincent Guffens
                                PhD Student UCL/CESAME
                                tel:   +32 10 47 80 30
Value your freedom, or you will lose it, teaches history.
"Don't bother us with politics," respond those who don't want to learn.
                -- Richard M. Stallman

