Hello, I recently discovered a bug.

When using the serial module in the grub shell, there was no response from the 
grub shell, and it is initially suspected to be a core dump.




Through debugging analysis of grub-core/kern/acpi.c, grub2 crashed after 
grub_memcmp (tbl->signature, sig, 4) in grub_acpi_xsdt_find_table().

tbl->signature obtained an address that exceeded expectations.



In the 64-bit XSDT, perhaps it would be more appropriate to compute the loop 
variable s by dividing by grub_uint64_t?

For example,



grub-core/kern/acpi.c | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)




diff --git a/grub-core/kern/acpi.c b/grub-core/kern/acpi.c

index 48ded4e2e..8ff0835d5 100644

--- a/grub-core/kern/acpi.c

+++ b/grub-core/kern/acpi.c

@@ -75,7 +75,7 @@ grub_acpi_xsdt_find_table (struct grub_acpi_table_header 
*xsdt, const char *sig)

     return 0;

   ptr = (grub_unaligned_uint64_t *) (xsdt + 1);

-  s = (xsdt->length - sizeof (*xsdt)) / sizeof (grub_uint32_t);

+  s = (xsdt->length - sizeof (*xsdt)) / sizeof (grub_uint64_t);

   for (; s; s--, ptr++)

     {

       struct grub_acpi_table_header *tbl;
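
Review bot: the divisor on the changed line `s = (xsdt->length - sizeof (*xsdt)) / sizeof (grub_uint64_t);` is still written independently of the pointer type the loop advances, which is how the entry count and the stride drifted apart; writing it as `sizeof (*ptr)` would tie the count to the `grub_unaligned_uint64_t` stride set up on the line above. With the old `sizeof (grub_uint32_t)` divisor the loop ran for twice as many entries as the XSDT holds, so `ptr` walked past the end of the table and the values read there were used as table addresses, which matches the report that `tbl->signature` held an unexpected address. Separately, nothing in the visible lines checks that `xsdt->length` is at least `sizeof (*xsdt)`; if that is not validated earlier in the function, the unsigned subtraction wraps and `s` becomes very large, so a length check before this line would be worth adding.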

-- 







Hardware platform where the problem occurred: x86_64 UEFI platform, CPU: 
Haiguang, ZhaoXin

Do you have any better suggestions to solve the current problem?




Thanks!

Attachment: 0001-Fix-tbl-signature-taking-address-beyond-expected-on-.patch
Description: Binary data
