[PATCH] uefi: uefidump: don't recurse forever on zero lengths (LP: #1174947)
Colin King
colin.king at canonical.com
Fri May 3 16:22:49 UTC 2013
From: Colin Ian King <colin.king at canonical.com>
We need to ensure that broken UEFI variables with zero length structs don't cause us
to recurse infinitely. So break out early and don't recurse so we run out of stack.
Signed-off-by: Colin Ian King <colin.king at canonical.com>
---
src/uefi/uefidump/uefidump.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/uefi/uefidump/uefidump.c b/src/uefi/uefidump/uefidump.c
index b115a62..31412c7 100644
--- a/src/uefi/uefidump/uefidump.c
+++ b/src/uefi/uefidump/uefidump.c
@@ -385,8 +385,10 @@ static char *uefidump_build_dev_path(char *path, fwts_uefi_dev_path *dev_path)
if (!((dev_path->type & 0x7f) == (FWTS_UEFI_END_DEV_PATH_TYPE) &&
(dev_path->subtype == FWTS_UEFI_END_ENTIRE_DEV_PATH_SUBTYPE))) {
uint16_t len = dev_path->length[0] | (((uint16_t)dev_path->length[1])<<8);
- dev_path = (fwts_uefi_dev_path*)((char *)dev_path + len);
- path = uefidump_build_dev_path(path, dev_path);
+ if (len > 0) {
+ dev_path = (fwts_uefi_dev_path*)((char *)dev_path + len);
+ path = uefidump_build_dev_path(path, dev_path);
+ }
}
return path;
--
1.8.1.2
More information about the fwts-devel
mailing list