In grub-core/video/readers/jpeg.c, Coverity identified an untrusted loop bound bug. After resolving this bug, a private Coverity scan identified another untrusted loop bound bug in a different function. Since this bug only shows up after resolving the first bug, there isn't a CID for the second bug.
The Coverity bugs being addressed are: CID 292450 Alec Brown (2): video/readers: Add artificial limit to image dimensions video/readers/jpeg: Check next_marker is within file size docs/grub.texi | 3 ++- grub-core/video/readers/jpeg.c | 12 +++++++++++- grub-core/video/readers/png.c | 6 +++++- grub-core/video/readers/tga.c | 7 +++++++ include/grub/bitmap.h | 2 ++ 5 files changed, 27 insertions(+), 3 deletions(-) _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel