[PATCH 1/1] efi_loader: avoid buffer overrun in efi_var_mem_compare
Heinrich Schuchardt
heinrich.schuchardt at canonical.com
Mon Feb 13 19:25:58 CET 2023
We should not scan beyond the end of string name.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
---
lib/efi_loader/efi_var_mem.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/lib/efi_loader/efi_var_mem.c b/lib/efi_loader/efi_var_mem.c
index e1058e3c6a..d6b65aed12 100644
--- a/lib/efi_loader/efi_var_mem.c
+++ b/lib/efi_loader/efi_var_mem.c
@@ -41,11 +41,13 @@ efi_var_mem_compare(struct efi_var_entry *var, const efi_guid_t *guid,
i < sizeof(efi_guid_t) && match; ++i)
match = (guid1[i] == guid2[i]);
- for (data = var->name, var_name = name;; ++data, ++var_name) {
+ for (data = var->name, var_name = name;; ++data) {
if (match)
match = (*data == *var_name);
if (!*data)
break;
+ if (*var_name)
+ ++var_name;
}
++data;
--
2.38.1
More information about the U-Boot
mailing list