diff options
| author | Michał Żygowski <michal.zygowski@3mdeb.com> | 2023-12-16 12:45:42 +0100 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2025-01-21 11:00:49 -0500 |
| commit | dc45aa6b3ce0c54c20ed284222297cdb29baa5d5 (patch) | |
| tree | c431757fdffe3f79019334fbe21cd9241e57fd14 | |
| parent | 3caa75e5693368f44478a1da272095cebc0b4c78 (diff) | |
| download | efi-boot-shim-dc45aa6b3ce0c54c20ed284222297cdb29baa5d5.tar.gz efi-boot-shim-dc45aa6b3ce0c54c20ed284222297cdb29baa5d5.zip | |
lib/simple_file.c: Allocate zeroed pool for SimpleFS entries
The loop retrieving the SimpleFS volume labels and names may
skip some volumes if either HandleProtocol or OpenVolume or
GetInfo fails. Those skipped volumes would have uninitialized
pointers to their names in the respective entries indices. This
would lead to accessing random memory in console_select, because
count_lines would not catch the holes with non-existing entries.
On affected platforms the result is a hang of the MokManager while
trying to enroll a key from disk. The issue has been triggered on
a TianoCore EDK2 UEFIPayload based firmware for x86 platforms with
additional filesystem drivers: ExFAT, NTFS, EXT2 and EXT4.
Use AllocateZeroPool to ensure entries array will be initialized
with NULL pointers. Handling the non-existing entries will be
added in subsequent commits.
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
| -rw-r--r-- | lib/simple_file.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/simple_file.c b/lib/simple_file.c index f22852d4..43b2f87a 100644 --- a/lib/simple_file.c +++ b/lib/simple_file.c @@ -184,7 +184,7 @@ simple_volume_selector(CHAR16 **title, CHAR16 **selected, EFI_HANDLE *h) if (!count || !vol_handles) return EFI_NOT_FOUND; - entries = AllocatePool(sizeof(CHAR16 *) * (count+1)); + entries = AllocateZeroPool(sizeof(CHAR16 *) * (count+1)); if (!entries) return EFI_OUT_OF_RESOURCES; |