Hello, I recently discovered a bug. When using the serial module in the grub shell, there was no response from the grub shell, and it is initially suspected to be a core dump.
Debugging grub-core/kern/acpi.c showed that grub2 crashed after grub_memcmp (tbl->signature, sig, 4) in grub_acpi_xsdt_find_table(). tbl->signature obtained an address that exceeded expectations. In the 64-bit XSDT, perhaps it would be more appropriate to compute the loop variable s by dividing by grub_uint64_t? For example:

grub-core/kern/acpi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grub-core/kern/acpi.c b/grub-core/kern/acpi.c index 48ded4e2e..8ff0835d5 100644 --- a/grub-core/kern/acpi.c +++ b/grub-core/kern/acpi.c @@ -75,7 +75,7 @@ grub_acpi_xsdt_find_table (struct grub_acpi_table_header *xsdt, const char *sig) return 0; ptr = (grub_unaligned_uint64_t *) (xsdt + 1); - s = (xsdt->length - sizeof (*xsdt)) / sizeof (grub_uint32_t); + s = (xsdt->length - sizeof (*xsdt)) / sizeof (grub_uint64_t); for (; s; s--, ptr++) { struct grub_acpi_table_header *tbl; --

Hardware platform where the problem occurred: x86_64 UEFI platform, CPU: Haiguang, ZhaoXin

Do you have any better suggestions to solve the current problem? Thanks!
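Review bot: In the changed s = ... line, take the entry size from the pointer being walked, sizeof (*ptr), rather than naming grub_uint64_t a second time, so the entry count and the ptr++ stride cannot drift apart again. With the old sizeof (grub_uint32_t) divisor the loop runs twice as many iterations as the table has 8-byte entries, so the later reads come from past the end of the XSDT, which is consistent with the unexpected tbl->signature address described in the report. The visible context does not show xsdt->length being compared with sizeof (*xsdt) before the subtraction; if the return 0 above the hunk does not already cover that case, a length shorter than the header would wrap to a very large count and should be rejected first.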
0001-Fix-tbl-signature-taking-address-beyond-expected-on-.patch
Description: Binary data
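The entry-count problem described in the message above, as an added example that is not part of the original post and not GRUB's code. The names acpi_hdr, entry_count, xsdt_find and build_sample_xsdt are hypothetical, and the constructed sample XSDT stores host pointers where firmware would store physical addresses.

```c
#include <stdint.h>
#include <string.h>

/* Standard 36-byte ACPI table header (field names are this example's own). */
struct acpi_hdr {
  char     signature[4];
  uint32_t length;               /* whole table, header included */
  uint8_t  revision, checksum;
  char     oemid[6], oemtable[8];
  uint32_t oemrev;
  char     creator_id[4];
  uint32_t creator_rev;
};

/* Entries that fit in the payload; 0 when length is shorter than the header. */
static size_t entry_count(const struct acpi_hdr *t, size_t entry_size)
{
  return t->length < sizeof(*t) ? 0 : (t->length - sizeof(*t)) / entry_size;
}
/* Walk the 64-bit entries; memcpy because they start at offset 36, unaligned. */
static const struct acpi_hdr *xsdt_find(const struct acpi_hdr *xsdt, const char *sig)
{
  const unsigned char *p = (const unsigned char *)xsdt + sizeof(*xsdt);
  size_t n = entry_count(xsdt, sizeof(uint64_t)); /* stride and divisor match */
  for (; n; n--, p += sizeof(uint64_t)) {
    uint64_t addr;
    memcpy(&addr, p, sizeof(addr));
    const struct acpi_hdr *tbl = (const struct acpi_hdr *)(uintptr_t)addr;
    if (tbl && memcmp(tbl->signature, sig, 4) == 0)
      return tbl;
  }
  return NULL;
}
/* Constructed sample: an XSDT with two 8-byte entries (FACP, then APIC). */
static struct acpi_hdr facp = { .signature = {'F','A','C','P'}, .length = sizeof(struct acpi_hdr) };
static struct acpi_hdr apic = { .signature = {'A','P','I','C'}, .length = sizeof(struct acpi_hdr) };
static union { struct acpi_hdr h; unsigned char raw[sizeof(struct acpi_hdr) + 16]; } xsdt_buf;
static const struct acpi_hdr *build_sample_xsdt(void)
{
  uint64_t e[2] = { (uintptr_t)&facp, (uintptr_t)&apic };
  memcpy(xsdt_buf.h.signature, "XSDT", 4);
  xsdt_buf.h.length = sizeof(xsdt_buf.raw);
  memcpy(xsdt_buf.raw + sizeof(struct acpi_hdr), e, sizeof(e));
  return &xsdt_buf.h;
}
int main(void)
{
  const struct acpi_hdr *x = build_sample_xsdt();
  /* Dividing by 4 reports 4 entries for a table that only holds 2. */
  return entry_count(x, 4) == 4 && xsdt_find(x, "APIC") == &apic ? 0 : 1;
}
```

Dividing the 16-byte payload by 4 yields four iterations over a table that holds two entries, so a walker using that count reads two 8-byte values that are not part of the table.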