[PATCH 1/1] efi_loader: avoid buffer overrun in efi_var_restore()

Michal Simek michal.simek at amd.com
Fri Mar 13 08:21:17 CET 2026



On 3/13/26 08:14, Ilias Apalodimas wrote:
> On Wed, 11 Mar 2026 at 19:30, Heinrich Schuchardt
> <heinrich.schuchardt at canonical.com> wrote:
>>
>> The value of buf->length comes from outside U-Boot and may be incorrect.
>> We must avoid overrunning our internal buffer for excessive values.
>>
>> If buf->length is shorter than the variable file header, the variable
>> file is invalid.
>>
>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
>> ---
> 
> Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>

Tested-by: Michal Simek <michal.simek at amd.com>

Thanks,
Michal
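
The length check the commit message describes, as an added example that is not part of this thread or of the patch. The header layout, buffer size, magic value and all names here are hypothetical and are not U-Boot's definitions; the sample file images are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical header for illustration, not U-Boot's actual definition. */
struct var_file_hdr {
	uint64_t magic;
	uint32_t length;	/* total size claimed by the file, header included */
	uint32_t crc32;
};

#define VAR_BUF_SIZE 64u	/* constructed size of the internal buffer */

enum { VAR_OK = 0, VAR_TOO_SHORT = -1, VAR_TOO_LONG = -2 };

/* Validate the externally supplied length before anything walks the buffer. */
int var_file_check_length(const void *buf, size_t buf_size)
{
	struct var_file_hdr hdr;

	if (buf_size < sizeof(hdr))
		return VAR_TOO_SHORT;		/* not even room for a header */
	memcpy(&hdr, buf, sizeof(hdr));		/* copy out: buf may be unaligned */
	if (hdr.length < sizeof(hdr))
		return VAR_TOO_SHORT;		/* shorter than the header: invalid file */
	if (hdr.length > buf_size)
		return VAR_TOO_LONG;		/* would overrun the internal buffer */
	return VAR_OK;
}

/* Build a constructed file image claiming `claimed` bytes and check it. */
int check_claimed_length(uint32_t claimed)
{
	unsigned char buf[VAR_BUF_SIZE] = { 0 };
	struct var_file_hdr hdr = { .magic = 0x1122334455667788ULL, .length = claimed };

	memcpy(buf, &hdr, sizeof(hdr));
	return var_file_check_length(buf, sizeof(buf));
}

int main(void)
{
	const uint32_t samples[] = { 0, 15, 16, 64, 65, 0xffffffffu };

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("length=%u -> %d\n", (unsigned)samples[i],
		       check_claimed_length(samples[i]));
	return 0;
}
```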

