First Last Prev Next    This bug is not in your last search results.
Bug 151118 - grubby wrongly expands C format strings in grub.conf due to unsafe printf
grubby wrongly expands C format strings in grub.conf due to unsafe printf
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: mkinitrd (Show other bugs)
3
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Peter Jones
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-03-14 19:06 EST by Pavel Roskin
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-03-15 16:16:05 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Fix for the bug (760 bytes, patch)
2005-03-14 19:10 EST, Pavel Roskin 		no flags Details | Diff
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Pavel Roskin 2005-03-14 19:06:46 EST 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20050221 Firefox/1.0 (Ubuntu) (Ubuntu package 1.0+dfsg.1-6ubuntu1)

Description of problem:
I have a line in /boot/grub/grub.conf that specifies terminfo grub
should use (the purpose is to have fancy colors on the serial console):

terminfo --name=linux --cursor-address=\E[%i%p1%d;%p2%dH \
--clear-screen=\E[H\E[J --enter-standout-mode=\e[33;44;1m \
--exit-standout-mode=\e[39;49;22m

After running "make install" in the kernel directory, the expression
after cursor-address is mangled:

terminfo --name=linux \
--cursor-address=\E[1345734640x80561781134568072;0x8052ab22-1073746488H
...

This happens because grubby uses printf without an explicit format,
assuming that there are no C formatting directived in grub.conf.  Not
only is it wrong, but it might crash grubby in some cases.


Version-Release number of selected component (if applicable):
mkinitrd-4.1.18-2

How reproducible:
Always

Steps to Reproduce:
1. Add line containing "# %s" in /boot/grub/grub.conf
2. Install a kernel from sources by running "make install".
3. See /boot/grub/grub.conf
    

Actual Results:  The line becomes "# (null)"

Expected Results:  The line should remain "# %s"

Additional info:
Comment 1 Pavel Roskin 2005-03-14 19:10:02 EST 
Created attachment 112002 [details]
Fix for the bug

The patch fixed all occurrences of *printf with variable format argument.
Comment 2 Peter Jones 2005-03-15 16:16:05 EST 
Fixed in rawhide, thanks for the patch.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.