[PATCH 1/5] efi_selftest: fix buffer overflow
Ilias Apalodimas
ilias.apalodimas at linaro.org
Fri Feb 20 08:37:42 CET 2026
On Thu Feb 19, 2026 at 8:43 PM EET, Vincent Stehlé wrote:
> The test of the UEFI LocateHandleBuffer() function clears a returned buffer
> at some point to reuse it, but there is an error in the size computation,
> which leads to a buffer overflow; fix it.
>
> Fixes: 927ca890b09f ("efi_selftest: test protocol management")
> Signed-off-by: Vincent Stehlé <vincent.stehle at arm.com>
> Cc: Heinrich Schuchardt <xypron.glpk at gmx.de>
> Cc: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> Cc: Tom Rini <trini at konsulko.com>
> ---
Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> lib/efi_selftest/efi_selftest_manageprotocols.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/efi_selftest/efi_selftest_manageprotocols.c b/lib/efi_selftest/efi_selftest_manageprotocols.c
> index 097b2ae3545..ccffa59095d 100644
> --- a/lib/efi_selftest/efi_selftest_manageprotocols.c
> +++ b/lib/efi_selftest/efi_selftest_manageprotocols.c
> @@ -241,7 +241,7 @@ static int execute(void)
> return EFI_ST_FAILURE;
> }
> /* Clear the buffer, we are reusing it it the next step. */
> - boottime->set_mem(buffer, sizeof(efi_handle_t) * buffer_size, 0);
> + boottime->set_mem(buffer, sizeof(efi_handle_t) * count, 0);
>
> /*
> * Test LocateHandle with ByProtocol
More information about the U-Boot
mailing list