u-boot/lib/efi_loader
Heinrich Schuchardt 15bbcafab1 efi_loader: fix get_last_capsule()
fix get_last_capsule() leads to writes beyond the stack allocated buffer.
This was indicated when enabling the stack protector.

utf16_utf8_strcpy() only stops copying when reaching '\0'. The current
invocation always writes beyond the end of value[].

The output length of utf16_utf8_strcpy() may be longer than the number of
UTF-16 tokens. E.g has "CapsuleКиев" has 11 UTF-16 tokens but 15 UTF-8
tokens. Hence, using utf16_utf8_strcpy() without checking the input may
lead to further writes beyond value[].

The current invocation of strict_strtoul() reads beyond the end of value[].

A non-hexadecimal value after "Capsule" (e.g. "CapsuleZZZZ") must result in
an error. We cat catch this by checking the return value of strict_strtoul().

A value that is too short after "Capsule" (e.g. "Capsule0") must result in
an error. We must check the string length of value[].

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-02-14 10:34:15 +01:00
..
.gitignore efi_loader: git ignore helloworld_efi.S 2020-01-07 18:08:20 +01:00
efi_acpi.c common: Drop log.h from common header 2020-05-18 21:19:18 -04:00
efi_bootmgr.c efi_loader: move load options to new module 2021-01-19 18:56:08 +01:00
efi_boottime.c efi_loader: notification with TPL_APPLICATION not allowed 2021-01-23 07:56:54 +01:00
efi_capsule.c efi_loader: fix get_last_capsule() 2021-02-14 10:34:15 +01:00
efi_console.c efi_loader: typedef efi_string_t text output protocol 2021-01-13 02:38:01 +01:00
efi_device_path_to_text.c efi_loader: VenMedia device path node 2021-02-04 20:12:41 +01:00
efi_device_path_utilities.c SPDX: Convert a few files that were missed before 2018-05-10 20:38:35 -04:00
efi_device_path.c dm: Use access methods for dev/uclass private data 2021-01-05 12:24:40 -07:00
efi_disk.c efi_loader: install UEFI System Partition GUID 2021-02-04 20:09:02 +01:00
efi_dt_fixup.c efi_loader: only check size if EFI_DT_APPLY_FIXUPS 2021-02-04 20:09:02 +01:00
efi_file.c efi_loader: implement non-blocking file services 2021-01-13 02:38:00 +01:00
efi_firmware.c efi_loader: Enable uefi capsule authentication 2020-12-31 14:41:31 +01:00
efi_freestanding.c efi_loader: fix freestanding memmove() 2020-03-22 11:06:23 +01:00
efi_gop.c common: Drop log.h from common header 2020-05-18 21:19:18 -04:00
efi_hii_config.c efi_loader: remove EFI_HII_CONFIG_ROUTING_PROTOCOL 2020-12-10 09:15:32 +01:00
efi_hii.c efi_loader: ListPackageLists() return EFI_NOT_FOUND 2019-06-20 22:26:19 +00:00
efi_image_loader.c efi_loader: don't load beyond VirtualSize 2021-02-14 10:34:15 +01:00
efi_load_initrd.c efi_loader: Remove unused headers from efi_load_initrd.c 2020-12-31 14:33:22 +01:00
efi_load_options.c efi_loader: move load options to new module 2021-01-19 18:56:08 +01:00
efi_memory.c efi_loader: remove outdated TODO in efi_memory.c 2021-01-13 02:38:01 +01:00
efi_net.c efi_loader: fix use after free in receive path 2020-10-19 22:59:53 +02:00
efi_rng.c efi_loader: Add missing newline to log_{err,warning} 2020-11-14 05:05:46 +01:00
efi_root_node.c efi_loader: remove EFI_UNICODE_COLLATION_PROTOCOL 2021-01-20 08:17:17 +01:00
efi_runtime.c efi_loader: don't set EFI_RT_SUPPORTED_UPDATE_CAPSULE 2020-12-10 09:15:32 +01:00
efi_setup.c efi_loader: switch to non-secure mode later 2021-01-29 20:22:40 +01:00
efi_signature.c efi: capsule: Add support for uefi capsule authentication 2020-12-31 14:41:31 +01:00
efi_smbios.c common: Drop log.h from common header 2020-05-18 21:19:18 -04:00
efi_string.c efi_loader: Add size checks to efi_create_indexed_name() 2020-12-31 14:33:23 +01:00
efi_tcg2.c efi_loader: Introduce eventlog support for TCG2_PROTOCOL 2020-12-03 21:22:40 +01:00
efi_unicode_collation.c efi_loader: remove EFI_UNICODE_COLLATION_PROTOCOL 2021-01-20 08:17:17 +01:00
efi_var_common.c efi_loader: add copyright notice 2020-08-08 19:03:24 +02:00
efi_var_file.c efi_loader: Enable run-time variable support for tee based variables 2020-08-01 11:57:41 +02:00
efi_var_mem.c efi_loader: Avoid emitting efi_var_buf to .GOT 2021-01-20 08:17:17 +01:00
efi_var_seed.S efi_loader: pre-seed UEFI variables 2020-07-16 12:37:02 +02:00
efi_variable_tee.c efi_loader: Avoid emitting efi_var_buf to .GOT 2021-01-20 08:17:17 +01:00
efi_variable.c efi_loader: Make the pkcs7 header parsing function an extern 2020-12-31 14:41:31 +01:00
efi_watchdog.c efi_loader: function descriptions efi_watchdog.c 2020-04-16 08:10:02 +02:00
helloworld.c efi_loader: print boot device and file path in helloworld 2021-01-13 02:38:00 +01:00
Kconfig efi_loader: remove EFI_UNICODE_COLLATION_PROTOCOL 2021-01-20 08:17:17 +01:00
Makefile efi_loader: EFI_DEVICE_PATH_UTILITIES_PROTOCOL configurable 2021-01-20 08:17:17 +01:00