rpms / efivar

Clone
Source Code
GIT

Blame SOURCES/0013-efi_variable_import-constrain-our-inputs-better.patch

c7 c7-alt c7-beta c7-i686 c8 c8-beta c8s c9 c9-beta
  1.   ac385cc549e34be3b7e6e34aa7d9e928aec68a24
  2.   SOURCES
  3.   0013-efi_variable_import-constrain-our-inputs-better.patch
Blob History Raw
ac385c 
From f6dc880cb1684d1836ade34e44c7710029c174e2 Mon Sep 17 00:00:00 2001
ac385c 
From: Peter Jones <pjones@redhat.com>
ac385c 
Date: Mon, 1 May 2017 15:02:27 -0400
ac385c 
Subject: [PATCH 13/22] efi_variable_import(): constrain our inputs better.
ac385c
ac385c 
efi_variable_import() could plausibly pass NULL to memcpy() if buf is 0
ac385c 
and size is < 0, though that should never be the case.  Make the input
ac385c 
checking return EINVAL if that's the case.
ac385c
ac385c 
Found by Covscan.
ac385c
ac385c 
Signed-off-by: Peter Jones <pjones@redhat.com>
ac385c 
---
ac385c 
 src/loadopt.c | 2 +-
ac385c 
 1 file changed, 1 insertion(+), 1 deletion(-)
ac385c
ac385c 
diff --git a/src/loadopt.c b/src/loadopt.c
ac385c 
index a3c1ba9..d4c2d46 100644
ac385c 
--- a/src/loadopt.c
ac385c 
+++ b/src/loadopt.c
ac385c 
@@ -302,7 +302,7 @@ __attribute__((__visibility__ ("default")))
ac385c 
 efi_loadopt_args_as_utf8(uint8_t *buf, ssize_t size, uint8_t *utf8)
ac385c 
 {
ac385c 
 	ssize_t req;
ac385c 
-	if (!buf && size > 0) {
ac385c 
+	if (!buf && size != 0) {
ac385c 
 		errno = EINVAL;
ac385c 
 		return -1;
ac385c 
 	}
ac385c 
--
ac385c 
2.12.2
ac385c

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation