[PATCH 0/2] Fix Coverity untrusted loop bound bugs in jpeg.c

Alec Brown Thu, 20 Oct 2022 14:13:48 -0700

In grub-core/video/readers/jpeg.c, Coverity identified an untrusted loop bound
bug. After resolving this bug, a private Coverity scan identified another
untrusted loop bound bug in a different function. Since this bug only shows up
after resolving the first bug, there isn't a CID for the second bug.


The Coverity bugs being addressed are:
CID 292450

Alec Brown (2):
      video/readers: Add artificial limit to image dimensions
      video/readers/jpeg: Check next_marker is within file size

 docs/grub.texi                 |  3 ++-
 grub-core/video/readers/jpeg.c | 12 +++++++++++-
 grub-core/video/readers/png.c  |  6 +++++-
 grub-core/video/readers/tga.c  |  7 +++++++
 include/grub/bitmap.h          |  2 ++
 5 files changed, 27 insertions(+), 3 deletions(-)


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

[PATCH 0/2] Fix Coverity untrusted loop bound bugs in jpeg.c

Reply via email to