[PATCH v3 02/10] efi: Check for integer overflow in string conversion

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v3 02/10] efi: Check for integer overflow in string conversion

From:	Oliver Steffen
Subject:	[PATCH v3 02/10] efi: Check for integer overflow in string conversion
Date:	Thu, 2 Mar 2023 19:20:37 +0100

Check for integer overflow when converting the name of the
EFI variable to UTF16 in grub_efi_set_variable_with_attributes().

Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
 grub-core/kern/efi/efi.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c
index 03abf5531..a23c80a21 100644
--- a/grub-core/kern/efi/efi.c
+++ b/grub-core/kern/efi/efi.c
@@ -25,6 +25,7 @@
 #include <grub/efi/pe32.h>
 #include <grub/time.h>
 #include <grub/term.h>
+#include <grub/types.h>
 #include <grub/kernel.h>
 #include <grub/mm.h>
 #include <grub/loader.h>
@@ -210,6 +211,11 @@ grub_efi_set_variable_with_attributes (const char *var, 
const grub_efi_guid_t *g
   grub_size_t len, len16;
 
   len = grub_strlen (var);
+
+  /* Check for integer overflow */
+  if (len > GRUB_SIZE_MAX / GRUB_MAX_UTF16_PER_UTF8 - 1)
+    return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("variable name too long"));
+
   len16 = len * GRUB_MAX_UTF16_PER_UTF8;
   var16 = grub_calloc (len16 + 1, sizeof (var16[0]));
   if (!var16)
-- 
2.39.2

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v3 00/10] Add basic Boot Loader Interface support, Oliver Steffen, 2023/03/02
- [PATCH v3 01/10] efi: Add grub_efi_set_variable_with_attributes, Oliver Steffen, 2023/03/02
- [PATCH v3 04/10] kern/misc: Add a format specifier GUIDs., Oliver Steffen, 2023/03/02
- [PATCH v3 03/10] Unify GUID types, Oliver Steffen, 2023/03/02
  - Re: [PATCH v3 03/10] Unify GUID types, Daniel Kiper, 2023/03/08
- [PATCH v3 07/10] grub-core/kern/efi: Remove redundant null-termination, Oliver Steffen, 2023/03/02
  - Re: [PATCH v3 07/10] grub-core/kern/efi: Remove redundant null-termination, Daniel Kiper, 2023/03/08
- [PATCH v3 02/10] efi: Check for integer overflow in string conversion, Oliver Steffen <=
- [PATCH v3 05/10] grub-core: Make use of guid printf format specifier, Oliver Steffen, 2023/03/02
  - Re: [PATCH v3 05/10] grub-core: Make use of guid printf format specifier, Daniel Kiper, 2023/03/08
- [PATCH v3 06/10] Add a module for the Boot Loader Interface, Oliver Steffen, 2023/03/02
  - Re: [PATCH v3 06/10] Add a module for the Boot Loader Interface, Daniel Kiper, 2023/03/08
- [PATCH v3 08/10] types.h: Add GRUB_SSIZE_MAX, Oliver Steffen, 2023/03/02
  - Re: [PATCH v3 08/10] types.h: Add GRUB_SSIZE_MAX, Daniel Kiper, 2023/03/08
- [PATCH v3 10/10] util/grub.d: Activate bli module on EFI, Oliver Steffen, 2023/03/02
  - Re: [PATCH v3 10/10] util/grub.d: Activate bli module on EFI, Daniel Kiper, 2023/03/08
- [PATCH v3 09/10] commands/bli: Extract uft8 to utf16 conversion, Oliver Steffen, 2023/03/02
  - Re: [PATCH v3 09/10] commands/bli: Extract uft8 to utf16 conversion, Daniel Kiper, 2023/03/08

Prev by Date: [PATCH v3 07/10] grub-core/kern/efi: Remove redundant null-termination
Next by Date: [PATCH v3 05/10] grub-core: Make use of guid printf format specifier
Previous by thread: Re: [PATCH v3 07/10] grub-core/kern/efi: Remove redundant null-termination
Next by thread: [PATCH v3 05/10] grub-core: Make use of guid printf format specifier
Index(es):
- Date
- Thread