[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 2/7] efi: check for integer overflow in string conversion
From: |
Oliver Steffen |
Subject: |
[PATCH v2 2/7] efi: check for integer overflow in string conversion |
Date: |
Mon, 20 Feb 2023 19:56:25 +0100 |
Check for integer overflow when converting the name of the
EFI variable to UTF16 in grub_efi_set_variable_with_attributes().
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
---
grub-core/kern/efi/efi.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c
index 03abf5531..a23c80a21 100644
--- a/grub-core/kern/efi/efi.c
+++ b/grub-core/kern/efi/efi.c
@@ -25,6 +25,7 @@
#include <grub/efi/pe32.h>
#include <grub/time.h>
#include <grub/term.h>
+#include <grub/types.h>
#include <grub/kernel.h>
#include <grub/mm.h>
#include <grub/loader.h>
@@ -210,6 +211,11 @@ grub_efi_set_variable_with_attributes (const char *var,
const grub_efi_guid_t *g
grub_size_t len, len16;
len = grub_strlen (var);
+
+ /* Check for integer overflow */
+ if (len > GRUB_SIZE_MAX / GRUB_MAX_UTF16_PER_UTF8 - 1)
+ return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("variable name too long"));
+
len16 = len * GRUB_MAX_UTF16_PER_UTF8;
var16 = grub_calloc (len16 + 1, sizeof (var16[0]));
if (!var16)
--
2.39.2
- [PATCH v2 0/7] Add basic Boot Loader Interface support, Oliver Steffen, 2023/02/20
- [PATCH v2 3/7] Add a module for the Boot Loader Interface, Oliver Steffen, 2023/02/20
- [PATCH v2 1/7] efi: add grub_efi_set_variable_with_attributes, Oliver Steffen, 2023/02/20
- [PATCH v2 4/7] util/grub.d: activate bli module on EFI, Oliver Steffen, 2023/02/20
- [PATCH v2 2/7] efi: check for integer overflow in string conversion,
Oliver Steffen <=
- [PATCH v2 7/7] commands/bli: use grub_gpt_part_guid_snprint, Oliver Steffen, 2023/02/20
- [PATCH v2 6/7] commands/probe: use grub_gpt_part_guid_snprint, Oliver Steffen, 2023/02/20
- [PATCH v2 5/7] partmap/gpt: add print function for guids, Oliver Steffen, 2023/02/20