mok: Avoid underflow in maximum variable size calculation - efi-boot-shim.git - (mirror of https://github.com/vyos/efi-boot-shim.git)

diff options

author	Alper Nebi Yasak <alpernebiyasak@gmail.com>	2023-07-08 19:08:39 +0300
committer	Peter Jones <pjones@redhat.com>	2023-07-19 16:13:44 -0400
commit	dbbe3c84bd0e7683d4b81c1794a112a6853b80ee (patch)
tree	b7c4079a02f4e6b6aefb7c8342aa585e91623eaa /Cryptlib/opensslconf-diff.patch
parent	1e985a3a238100ca5f4bda3e269a9eaec9bda74b (diff)
download	efi-boot-shim-dbbe3c84bd0e7683d4b81c1794a112a6853b80ee.tar.gz efi-boot-shim-dbbe3c84bd0e7683d4b81c1794a112a6853b80ee.zip

mok: Avoid underflow in maximum variable size calculation

The code that mirrors MOK database to EFI variables gets the remaining variable storage size from the firmware and subtracts the size needed for any overhead to see if there is enough space to create a new entry. However these calculations are on unsigned integer types, they can underflow and result in huge values when the firmware is about to run out of usable variable space. Explicitly check against this. Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>

Diffstat (limited to 'Cryptlib/opensslconf-diff.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: