grub: add structure initialization in zstd

This patch adds initialization of a structure in grub's zstd, which might be left uninitialized by the compiler. It is a part of a security series [1]. [1] https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html (From OE-Core rev: 370ea660d476bda0d4f45520815396036648d87a) Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Marta Rybczynska <rybczynska@gmail.com> 2022-02-18 11:05:22 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-02 00:21:36 +0000
commit: 495bf963be2eef7688994692b283adf77fa25380 (patch)
tree: 22ced054420e63920f1fc9cc048d251d8fda80b7 /meta/recipes-bsp
parent: 37f35c47827c1b485f62340dbcf2f996a376075e (diff)
download: poky-495bf963be2eef7688994692b283adf77fa25380.tar.gz
2 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-bsp/grub/files/0014-zstd-Initialize-seq_t-structure-fully.patch b/meta/recipes-bsp/grub/files/0014-zstd-Initialize-seq_t-structure-fully.patch
new file mode 100644
index 0000000000..19d881c1ca
--- /dev/null
+++ b/meta/recipes-bsp/grub/files/0014-zstd-Initialize-seq_t-structure-fully.patch
@@ -0,0 +1,34 @@
+From f55ffe6bd8b844a8cd9956702f42ac2eb96ad56f Mon Sep 17 00:00:00 2001
+From: Darren Kenny <darren.kenny@oracle.com>
+Date: Thu, 5 Nov 2020 10:29:59 +0000
+Subject: [PATCH] zstd: Initialize seq_t structure fully
+While many compilers will initialize this to zero, not all will, so it
+is better to be sure that fields not being explicitly set are at known
+values, and there is code that checks this fields value elsewhere in the
+code.
+Fixes: CID 292440
+Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=2777cf4466719921dbe4b30af358a75e7d76f217]
+Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
+---
+ grub-core/lib/zstd/zstd_decompress.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/grub-core/lib/zstd/zstd_decompress.c b/grub-core/lib/zstd/zstd_decompress.c
+index 711b5b6..e4b5670 100644
+--- a/grub-core/lib/zstd/zstd_decompress.c
+++ b/grub-core/lib/zstd/zstd_decompress.c
+@@ -1325,7 +1325,7 @@ typedef enum { ZSTD_lo_isRegularOffset, ZSTD_lo_isLongOffset=1 } ZSTD_longOffset
+ FORCE_INLINE_TEMPLATE seq_t
+ ZSTD_decodeSequence(seqState_t* seqState, const ZSTD_longOffset_e longOffsets)
+ {
+-    seq_t seq;
+    seq_t seq = {0};
+     U32 const llBits = seqState->stateLL.table[seqState->stateLL.state].nbAdditionalBits;
+     U32 const mlBits = seqState->stateML.table[seqState->stateML.state].nbAdditionalBits;
+     U32 const ofBits = seqState->stateOffb.table[seqState->stateOffb.state].nbAdditionalBits;
diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc
index 1906a28f30..7cf4d64149 100644
--- a/meta/recipes-bsp/grub/grub2.inc
+++ b/meta/recipes-bsp/grub/grub2.inc
@@ -60,6 +60,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
           file://0011-gnulib-regexec-Fix-possible-null-dereference.patch \
           file://0012-gnulib-regcomp-Fix-uninitialized-re_token.patch \
           file://0013-io-lzopio-Resolve-unnecessary-self-assignment-errors.patch \
+           file://0014-zstd-Initialize-seq_t-structure-fully.patch \
           "
 SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"
 SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"
author	Marta Rybczynska <rybczynska@gmail.com>	2022-02-18 11:05:22 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-03-02 00:21:36 +0000
commit	495bf963be2eef7688994692b283adf77fa25380 (patch)
tree	22ced054420e63920f1fc9cc048d251d8fda80b7 /meta/recipes-bsp
parent	37f35c47827c1b485f62340dbcf2f996a376075e (diff)
download	poky-495bf963be2eef7688994692b283adf77fa25380.tar.gz

diff --git a/meta/recipes-bsp/grub/files/0014-zstd-Initialize-seq_t-structure-fully.patch b/meta/recipes-bsp/grub/files/0014-zstd-Initialize-seq_t-structure-fully.patch new file mode 100644 index 0000000000..19d881c1ca --- /dev/null +++ b/meta/recipes-bsp/grub/files/0014-zstd-Initialize-seq_t-structure-fully.patch
@@ -0,0 +1,34 @@
		1	From f55ffe6bd8b844a8cd9956702f42ac2eb96ad56f Mon Sep 17 00:00:00 2001
		2	From: Darren Kenny <darren.kenny@oracle.com>
		3	Date: Thu, 5 Nov 2020 10:29:59 +0000
		4	Subject: [PATCH] zstd: Initialize seq_t structure fully
		5
		6	While many compilers will initialize this to zero, not all will, so it
		7	is better to be sure that fields not being explicitly set are at known
		8	values, and there is code that checks this fields value elsewhere in the
		9	code.
		10
		11	Fixes: CID 292440
		12
		13	Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
		14	Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
		15
		16	Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=2777cf4466719921dbe4b30af358a75e7d76f217]
		17	Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
		18	---
		19	grub-core/lib/zstd/zstd_decompress.c \| 2 +-
		20	1 file changed, 1 insertion(+), 1 deletion(-)
		21
		22	diff --git a/grub-core/lib/zstd/zstd_decompress.c b/grub-core/lib/zstd/zstd_decompress.c
		23	index 711b5b6..e4b5670 100644
		24	--- a/grub-core/lib/zstd/zstd_decompress.c
		25	+++ b/grub-core/lib/zstd/zstd_decompress.c
		26	@@ -1325,7 +1325,7 @@ typedef enum { ZSTD_lo_isRegularOffset, ZSTD_lo_isLongOffset=1 } ZSTD_longOffset
		27	FORCE_INLINE_TEMPLATE seq_t
		28	ZSTD_decodeSequence(seqState_t* seqState, const ZSTD_longOffset_e longOffsets)
		29	{
		30	- seq_t seq;
		31	+ seq_t seq = {0};
		32	U32 const llBits = seqState->stateLL.table[seqState->stateLL.state].nbAdditionalBits;
		33	U32 const mlBits = seqState->stateML.table[seqState->stateML.state].nbAdditionalBits;
		34	U32 const ofBits = seqState->stateOffb.table[seqState->stateOffb.state].nbAdditionalBits;


diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 1906a28f30..7cf4d64149 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc
@@ -60,6 +60,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
60	file://0011-gnulib-regexec-Fix-possible-null-dereference.patch \	60	file://0011-gnulib-regexec-Fix-possible-null-dereference.patch \
61	file://0012-gnulib-regcomp-Fix-uninitialized-re_token.patch \	61	file://0012-gnulib-regcomp-Fix-uninitialized-re_token.patch \
62	file://0013-io-lzopio-Resolve-unnecessary-self-assignment-errors.patch \	62	file://0013-io-lzopio-Resolve-unnecessary-self-assignment-errors.patch \
		63	file://0014-zstd-Initialize-seq_t-structure-fully.patch \
63	"	64	"
64	SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"	65	SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"
65	SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"	66	SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"