[PATCH] efi_loader: fix possible buffer overflow
Masahisa Kojima
masahisa.kojima at linaro.org
Wed Apr 14 04:55:49 CEST 2021
Variable "final" will have SHA512 digest, but currently
the array size is not sufficient. Let's fix it.
Signed-off-by: Masahisa Kojima <masahisa.kojima at linaro.org>
---
lib/efi_loader/efi_tcg2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index ed86a220fb..d5eca68769 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -515,7 +515,7 @@ static efi_status_t tcg2_create_digest(const u8 *input, u32 length,
sha1_context ctx;
sha256_context ctx_256;
sha512_context ctx_512;
- u8 final[TPM2_ALG_SHA512];
+ u8 final[TPM2_SHA512_DIGEST_SIZE];
efi_status_t ret;
u32 active;
int i;
--
2.17.1
More information about the U-Boot
mailing list