diff options
| author | Chris Coulson <chris.coulson@canonical.com> | 2021-02-20 20:34:55 +0000 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2021-02-25 11:14:07 -0500 |
| commit | 9c48fc3e6493c885388371ffa56f6b9b18ce4c0b (patch) | |
| tree | 20995f1ca583648383826ec6da4f8788bb6a7c3f /pe.c | |
| parent | c98a10c519e78c3c7abf727cf89dcbbf05fa1f4a (diff) | |
| download | efi-boot-shim-9c48fc3e6493c885388371ffa56f6b9b18ce4c0b.tar.gz efi-boot-shim-9c48fc3e6493c885388371ffa56f6b9b18ce4c0b.zip | |
sbat: Don't assume VirtualSize == SizeOfRawData
The current code rejects the .sbat section if the VirtualSize and
SizeOfRawData fields of the section header aren't the same, but this
is too strict. The VirtualSize corresponds to the size of the SBAT
metadata and isn't necessarily a multiple of the file alignment.
The on-disk size (SizeOfRawData) is a multiple of the file alignment
and is zero padded. Make sure that the on-disk size is at least as
large as virtual size, and ignore the .sbat section if it isn't.
This should fix https://github.com/rhboot/shim/issues/281.
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Diffstat (limited to 'pe.c')
| -rw-r--r-- | pe.c | 10 |
1 files changed, 7 insertions, 3 deletions
@@ -1043,10 +1043,14 @@ handle_image (void *data, unsigned int datasize, return EFI_UNSUPPORTED; } - /* If it has nonzero size, and our bounds check made - * sense, sizes match, then we believe it's okay. */ + /* The virtual size corresponds to the size of the SBAT + * metadata and isn't necessarily a multiple of the file + * alignment. The on-disk size is a multiple of the file + * alignment and is zero padded. Make sure that the + * on-disk size is at least as large as virtual size, + * and ignore the section if it isn't. */ if (Section->SizeOfRawData && - Section->SizeOfRawData == Section->Misc.VirtualSize && + Section->SizeOfRawData >= Section->Misc.VirtualSize && base && end) { SBATBase = base; /* +1 because of size vs last byte location */ |