summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRenaud Métrich <rmetrich@redhat.com>2023-01-16 07:49:44 +0100
committerPeter Jones <pjones@redhat.com>2023-02-01 13:19:39 -0500
commitf23883ccf78f1f605a272f9e5700f47e5494a71d (patch)
tree0d509aaa4f839f68ad6b9226d1a2e73e8b999436
parente4f40ae862b5389c8cc7d4f938a34238421456a1 (diff)
downloadefi-boot-shim-f23883ccf78f1f605a272f9e5700f47e5494a71d.tar.gz
efi-boot-shim-f23883ccf78f1f605a272f9e5700f47e5494a71d.zip
Don't loop forever in load_certs() with buggy firmware
On DELL R350 booting DVD through RFS with BIOS 1.4.2 in Secure Boot, firmware returns EFI_BUFFER_TOO_SMALL but with new buffersize set to 0, which causes the load_certs() code to loop forever: while (1) { efi_status = dir->Read(dir, &buffersize, buffer); if (efi_status == EFI_BUFFER_TOO_SMALL) { ... continue; } ... } This commit prevents such infinite loop. Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
Diffstat
-rw-r--r--shim.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/shim.c b/shim.c
index 4437898a..27a8c112 100644
--- a/shim.c
+++ b/shim.c
@@ -1483,11 +1483,21 @@ load_certs(EFI_HANDLE image_handle)
}
while (1) {
- int old = buffersize;
+ UINTN old = buffersize;
efi_status = dir->Read(dir, &buffersize, buffer);
if (efi_status == EFI_BUFFER_TOO_SMALL) {
- buffer = ReallocatePool(buffer, old, buffersize);
- continue;
+ if (buffersize != old) {
+ buffer = ReallocatePool(buffer, old, buffersize);
+ if (buffer == NULL) {
+ perror(L"Failed to read directory %s - %r\n",
+ PathName, EFI_OUT_OF_RESOURCES);
+ goto done;
+ }
+ continue;
+ }
+ perror(L"Failed to read directory %s - buggy firmware\n",
+ PathName);
+ goto done;
} else if (EFI_ERROR(efi_status)) {
perror(L"Failed to read directory %s - %r\n", PathName,
efi_status);
generated by cgit v1.2.3 (git 2.39.1) at 2026-06-22 19:11:35 +0000