URL: <http://savannah.gnu.org/bugs/?51188>
Summary: FPE (division by zero) in grub_ext2_read_inode()
Project: GNU GRUB
Submitted by: fumfel
Submitted on: Tue 06 Jun 2017 11:00:13 AM UTC
Category: Filesystem
Severity: Major
Priority: 5 - Normal
Item Group: Software Error
Status: None
Privacy: Public
Assigned to: None
Originator Name:
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release:
Release: other
Reproducibility: Every Time
Planned Release: None

_______________________________________________________

Details:

While fuzzing radare2 I found an FPE in the function grub_ext2_read_inode().

Original issue with repro: https://github.com/radare/radare2/issues/7650

ASAN from r2:

==10375==ERROR: AddressSanitizer: FPE on unknown address 0x7fb2f4af4726 (pc 0x7fb2f4af4726 bp 0x7fff41d52850 sp 0x7fff41d52720 T0)
    #0 0x7fb2f4af4725 in grub_ext2_read_inode XYZ/radare2/shlr/grub/fs/ext2.c:525:29
    #1 0x7fb2f4af2ce4 in grub_ext2_mount XYZ/radare2/shlr/grub/fs/ext2.c:593:3
    #2 0x7fb2f4af19ac in grub_ext2_dir XYZ/radare2/shlr/grub/fs/ext2.c:863:10
    #3 0x7fb2f4ad2c58 in ext2__mount XYZ/radare2/libr/fs/p/fs_grub_base.c:74:8
    #4 0x7fb2f4addeaa in r_fs_mount XYZ/radare2/libr/fs/fs.c:151:7
    #5 0x7fb2f7ef996b in cmd_mount XYZ/radare2/libr/core/./cmd_mount.c:49:9
    #6 0x7fb2f80be7df in r_cmd_call XYZ/radare2/libr/core/cmd_api.c:226:10
    #7 0x7fb2f7faddeb in r_core_cmd_subst_i XYZ/radare2/libr/core/cmd.c:2178:12
    #8 0x7fb2f7ef6127 in r_core_cmd_subst XYZ/radare2/libr/core/cmd.c:1368:9
    #9 0x7fb2f7eef8b9 in r_core_cmd XYZ/radare2/libr/core/cmd.c:2786:9
    #10 0x7fb2f7eda74f in r_core_cmdf XYZ/radare2/libr/core/cmd.c:2942:8
    #11 0x7fb2f8098e42 in bin_info XYZ/radare2/libr/core/cbin.c:621:4
    #12 0x7fb2f8098e42 in r_core_bin_info XYZ/radare2/libr/core/cbin.c:2870
    #13 0x7fb2f8089531 in r_core_bin_set_env XYZ/radare2/libr/core/cbin.c:115:3
    #14 0x7fb2f8015064 in r_core_file_do_load_for_io_plugin XYZ/radare2/libr/core/file.c:434:2
    #15 0x7fb2f8015064 in r_core_bin_load XYZ/radare2/libr/core/file.c:567
    #16 0x55e7cf695f6b in main XYZ/radare2/binr/radare2/radare2.c:952:14
    #17 0x7fb2f0bae82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #18 0x55e7cf5c5f38 in _start (/usr/local/bin/radare2+0x20f38)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: FPE XYZ/radare2/shlr/grub/fs/ext2.c:525:29 in grub_ext2_read_inode
==10375==ABORTING

_______________________________________________________

Message sent via/by Savannah
  http://savannah.gnu.org/

_______________________________________________
Bug-grub mailing list
Bug-grub@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-grub