Check the parameters of EFI_FILE_PROTOCOL.GetInfo() to avoid possible NULL dereference.
Check the buffer size for EFI_FILE_SYSTEM_INFO. Signed-off-by: Heinrich Schuchardt <xypron.g...@gmx.de> --- lib/efi_loader/efi_file.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c index 2f03ae71fc..b79dc5fd29 100644 --- a/lib/efi_loader/efi_file.c +++ b/lib/efi_loader/efi_file.c @@ -596,6 +596,12 @@ static efi_status_t EFIAPI efi_file_getinfo(struct efi_file_handle *file, EFI_ENTRY("%p, %pUl, %p, %p", file, info_type, buffer_size, buffer); + if (!file || !info_type || !buffer_size || + (*buffer_size && !buffer)) { + ret = EFI_INVALID_PARAMETER; + goto error; + } + if (!guidcmp(info_type, &efi_file_info_guid)) { struct efi_file_info *info = buffer; char *filename = basename(fh); -- 2.23.0 _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot