[PATCH 1/1] efi_loader: incorrect buffer size in efi_file_setinfo()

Tue Nov 10 12:36:22 CET 2020

When copying a string with must allocate a byte for the terminating '\0' in
the target buffer.

Fixes: fbe4c7df0087 ("efi_loader: enable file SetInfo()")
Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
---
 lib/efi_loader/efi_file.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c
index 44fafae058..72b7ec1e63 100644
--- a/lib/efi_loader/efi_file.c
+++ b/lib/efi_loader/efi_file.c
@@ -723,7 +723,7 @@ static efi_status_t EFIAPI efi_file_setinfo(struct efi_file_handle *file,
 			goto out;
 		}
 		/* Check for renaming */
-		new_file_name = malloc(utf16_utf8_strlen(info->file_name));
+		new_file_name = malloc(utf16_utf8_strlen(info->file_name) + 1);
 		if (!new_file_name) {
 			ret = EFI_OUT_OF_RESOURCES;
 			goto out;
--
2.28.0

