Re: [U-Boot] [PATCH 07/15] efi_loader: remove limit on variable length

Sun, 26 Aug 2018 15:04:44 -0700 


On 26.08.18 20:40, Heinrich Schuchardt wrote:
> On 08/26/2018 08:13 PM, Alexander Graf wrote:
>>
>>
>> On 11.08.18 17:28, Heinrich Schuchardt wrote:
>>> The EFI spec does not provide a length limit for variables.
>>>
>>> Signed-off-by: Heinrich Schuchardt <xypron.g...@gmx.de>
>>> ---
>>>  lib/efi_loader/efi_variable.c | 52 ++++++++++++++++++++---------------
>>>  1 file changed, 30 insertions(+), 22 deletions(-)
>>>
>>> diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c
>>> index 770c67abb9..495738884b 100644
>>> --- a/lib/efi_loader/efi_variable.c
>>> +++ b/lib/efi_loader/efi_variable.c
>>> @@ -44,10 +44,7 @@
>>>   * converted to utf16?
>>>   */
>>>  
>>> -#define MAX_VAR_NAME 31
>>> -#define MAX_NATIVE_VAR_NAME \
>>> -   (strlen("efi_xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx_") + \
>>> -           (MAX_VAR_NAME * MAX_UTF8_PER_UTF16))
>>> +#define PREFIX_LEN (strlen("efi_xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx_"))
>>>  
>>>  static int hex(int ch)
>>>  {
>>> @@ -101,18 +98,20 @@ static char *mem2hex(char *hexstr, const u8 *mem, int 
>>> count)
>>>     return hexstr;
>>>  }
>>>  
>>> -static efi_status_t efi_to_native(char *native, u16 *variable_name,
>>> +static efi_status_t efi_to_native(char **native, const u16 *variable_name,
>>>                               efi_guid_t *vendor)
>>>  {
>>>     size_t len;
>>> +   char *pos;
>>>  
>>> -   len = u16_strlen((u16 *)variable_name);
>>> -   if (len >= MAX_VAR_NAME)
>>> -           return EFI_DEVICE_ERROR;
>>> +   len = PREFIX_LEN + utf16_utf8_strlen(variable_name) + 1;
>>> +   *native = malloc(len);
>>> +   if (!*native)
>>> +           return EFI_OUT_OF_RESOURCES;
>>>  
>>> -   native += sprintf(native, "efi_%pUl_", vendor);
>>> -   native  = (char *)utf16_to_utf8((u8 *)native, (u16 *)variable_name, 
>>> len);
>>> -   *native = '\0';
>>> +   pos = *native;
>>> +   pos += sprintf(pos, "efi_%pUl_", vendor);
>>> +   utf16_utf8_strcpy(&pos, variable_name);
>>>  
>>>     return EFI_SUCCESS;
>>>  }
>>> @@ -168,7 +167,7 @@ efi_status_t EFIAPI efi_get_variable(u16 
>>> *variable_name, efi_guid_t *vendor,
>>>                                  u32 *attributes, efi_uintn_t *data_size,
>>>                                  void *data)
>>>  {
>>> -   char native_name[MAX_NATIVE_VAR_NAME + 1];
>>> +   char *native_name;
>>
>> I think you want to predefine this to = NULL to make sure that an error
>> path doesn't give you uninitialized values on free().
> 
> efi_to_native() returns EFI_OUT_OF_RESOURCES if the pointer cannot be
> assigned and the return value is checked. So how should I reach
> free(native_name) in this case?

True, convinced. I thought I saw a case where you could hit an
uninitialized native_name variable, but now I can't see it anymore.


Alex
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot

Reply via email to