authorEric Snowberg <eric.snowberg@oracle.com>2022-11-02 10:39:43 -0600
committerPeter Jones <pjones@redhat.com>2022-11-08 12:46:46 -0500
commit2d4ebb5a798aafd3b06d2c3cb9c9840c1caa41ef (patch)
treea82902aee8da5caf87a1864b18d7cb8795b5d870
parent5c537b3d0cf8c393dad2e61d49aade68f3af1401 (diff)
load_cert_file: Fix stack issue
0214cd9cef5a fixes a NULL pointer dereference problem, but it introduces two new problems. First, it incorrectly assumes li.FilePath is a string. Second, it puts EFI_LOADED_IMAGE li on the stack. It has been found that not all architectures can handle this being on the stack. The shim_li variable will be set up properly from the read_image call. Use the global shim_li variable instead when calling verify_image.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
-rw-r--r--shim.c6
1 files changed, 1 insertions, 5 deletions
diff --git a/shim.c b/shim.c
index 27b74ce0..0d919ceb 100644
--- a/shim.c
+++ b/shim.c
@@ -1395,7 +1395,6 @@ EFI_STATUS
load_cert_file(EFI_HANDLE image_handle, CHAR16 *filename, CHAR16 *PathName)
{
EFI_STATUS efi_status;
- EFI_LOADED_IMAGE li;
PE_COFF_LOADER_IMAGE_CONTEXT context;
EFI_IMAGE_SECTION_HEADER *Section;
EFI_SIGNATURE_LIST *certlist;
@@ -1410,10 +1409,7 @@ load_cert_file(EFI_HANDLE image_handle, CHAR16 *filename, CHAR16 *PathName)
if (EFI_ERROR(efi_status))
return efi_status;
- memset(&li, 0, sizeof(li));
- memcpy(&li.FilePath[0], filename, MIN(StrSize(filename), sizeof(li.FilePath)));
-
- efi_status = verify_image(data, datasize, &li, &context);
+ efi_status = verify_image(data, datasize, shim_li, &context);
if (EFI_ERROR(efi_status))
return efi_status;
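Review bot: The new call `verify_image(data, datasize, shim_li, &context)` relies on the global `shim_li` having been populated by the earlier `read_image` call, but nothing in the hunk states or checks that dependency; only the commit message does. Since the commit this follows up on was itself a NULL-dereference fix, I would record the invariant at the call site with a comment such as `/* shim_li is set by read_image() above; it describes the image behind image_handle, not the file named by filename */`, and consider a cheap guard, `if (!shim_li) return EFI_INVALID_PARAMETER;`, before the call. `verify_image` is not visible here, but if it uses the loaded-image path for logging or measurement, those records will now carry the loader's path rather than the certificate file's name, so it is worth confirming that attribution is intended. The body of `load_cert_file` starts and continues outside this hunk.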