From fe179d7fb5c10d8a4e299af06c766f47f2c8d51a Mon Sep 17 00:00:00 2001 From: Ilias Apalodimas Date: Thu, 31 Dec 2020 12:26:46 +0200 Subject: efi_loader: Add size checks to efi_create_indexed_name() Although the function description states the caller must provide a sufficient buffer, it's better to have in function checks that the destination buffer can hold the intended value. So let's add an extra argument with the buffer size and check that before doing any copying. Signed-off-by: Ilias Apalodimas Reviewed-by: Heinrich Schuchardt --- lib/efi_loader/efi_capsule.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'lib/efi_loader/efi_capsule.c') diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index ea22ee79684..4ef25462678 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -73,8 +73,8 @@ void set_capsule_result(int index, struct efi_capsule_header *capsule, struct efi_time time; efi_status_t ret; - efi_create_indexed_name(variable_name16, "Capsule", index); - + efi_create_indexed_name(variable_name16, sizeof(variable_name16), + "Capsule", index); result.variable_total_size = sizeof(result); result.capsule_guid = capsule->capsule_guid; ret = EFI_CALL((*efi_runtime_services.get_time)(&time, NULL)); @@ -896,7 +896,8 @@ efi_status_t efi_launch_capsules(void) free(files); /* CapsuleLast */ - efi_create_indexed_name(variable_name16, "Capsule", index - 1); + efi_create_indexed_name(variable_name16, sizeof(variable_name16), + "Capsule", index - 1); efi_set_variable_int(L"CapsuleLast", &efi_guid_capsule_report, EFI_VARIABLE_READ_ONLY | EFI_VARIABLE_NON_VOLATILE | -- cgit v1.2.3