> On 15 Jan 2026, at 5:52 AM, Wanda Phinode <[email protected]> wrote: > > The integer overflow triggered for simple masks in the "badram" > command, such as "badram 0x0000000012340000,0xfffffffffffffff8". > This resulted in an infinite loop, locking up the machine. > > Signed-off-by: Wanda Phinode <[email protected]>
Reviewed-by: Sudhakar Kuppusamy <[email protected]> Thanks, Sudhakar > --- > It seems this one has been known for a while: see eg. > https://unix.stackexchange.com/questions/746164/grub-hangs-itself-with-64bit-memtest86-badram-pattern > > grub-core/mmap/mmap.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/grub-core/mmap/mmap.c b/grub-core/mmap/mmap.c > index 7c7d3911c..d348f3e0d 100644 > --- a/grub-core/mmap/mmap.c > +++ b/grub-core/mmap/mmap.c > @@ -409,7 +409,7 @@ badram_iter (grub_uint64_t addr, grub_uint64_t size, > */ > while (high - low > 1) > { > - cur = (low + high) / 2; > + cur = low + (high - low) / 2; > if (fill_mask (entry, cur) >= addr) > high = cur; > else > -- > 2.52.0 > > _______________________________________________ > Grub-devel mailing list > [email protected] > https://lists.gnu.org/mailman/listinfo/grub-devel _______________________________________________ Grub-devel mailing list [email protected] https://lists.gnu.org/mailman/listinfo/grub-devel
