On 28.07.22 15:51, [email protected] wrote: > From: venkata pyla <[email protected]> > > This avoids unnecessary garbage data in env data buffer and allows to > load configuration when valid config parts are less than ENV_NUM_CONFIG_PARTS. > > This fixes the efi configuration load issue when single efi config > partition is used. > > Signed-off-by: venkata pyla <[email protected]> > --- > env/fatvars.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/env/fatvars.c b/env/fatvars.c > index 4cd52ad..1365f0d 100644 > --- a/env/fatvars.c > +++ b/env/fatvars.c > @@ -94,7 +94,7 @@ BG_STATUS load_config(BG_LOADER_PARAMS *bglp) > UINTN i; > int env_invalid[ENV_NUM_CONFIG_PARTS] = {0}; > > - env = (BG_ENVDATA *)AllocatePool(sizeof(BG_ENVDATA) * > + env = (BG_ENVDATA *)AllocateZeroPool(sizeof(BG_ENVDATA) * > ENV_NUM_CONFIG_PARTS); > if (!env) { > ERROR(L"Could not allocate memory for config data.\n");
Good catch! Applied. Given that a potential attacker could also simply provide a zeroed bgenv.dat to cause this, this is not an attack vector. Still a bug. Thanks, Jan -- Siemens AG, Technology Competence Center Embedded Linux -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/efibootguard-dev/6f7eb8fe-dfb2-02bb-0c02-463537a7f2b0%40siemens.com.
