subject:"\[SECURITY PATCH 100\/117\] kern\/parser\: Fix a stack buffer overflow"

Re: [SECURITY PATCH 100/117] kern/parser: Fix a stack buffer overflow

2021-07-20 Thread Chris Coulson

Hi, Sorry for taking a while to look at this. On 10/06/2021 12:55, Paul Menzel wrote: > Dear Daniel, dear Chris, > > > Am 02.03.21 um 19:01 schrieb Daniel Kiper: >> From: Chris Coulson >> >> grub_parser_split_cmdline() expands variable names present in the >> supplied >> command line in to

Re: [SECURITY PATCH 100/117] kern/parser: Fix a stack buffer overflow

2021-06-28 Thread Paul Menzel

Dear Daniel, dear Chris, Am 10.06.21 um 13:55 schrieb Paul Menzel: Am 02.03.21 um 19:01 schrieb Daniel Kiper: From: Chris Coulson grub_parser_split_cmdline() expands variable names present in the supplied command line in to their corresponding variable contents and uses a 1 kiB stack

Re: [SECURITY PATCH 100/117] kern/parser: Fix a stack buffer overflow

2021-06-10 Thread Paul Menzel

Dear Daniel, dear Chris, Am 02.03.21 um 19:01 schrieb Daniel Kiper: From: Chris Coulson grub_parser_split_cmdline() expands variable names present in the supplied command line in to their corresponding variable contents and uses a 1 kiB stack buffer for temporary storage without sufficient

[SECURITY PATCH 100/117] kern/parser: Fix a stack buffer overflow

2021-03-02 Thread Daniel Kiper

From: Chris Coulson grub_parser_split_cmdline() expands variable names present in the supplied command line in to their corresponding variable contents and uses a 1 kiB stack buffer for temporary storage without sufficient bounds checking. If the function is called with a command line that