Bootxxxx variables are provided by the user and therefore cannot be
trusted. We have to validate them before usage.
A device path provided by a Bootxxxx variable must have an end node within
the indicated device path length.
Signed-off-by: Heinrich Schuchardt <xypron.g...@gmx.de>
---
lib/efi_loader/efi_bootmgr.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/lib/efi_loader/efi_bootmgr.c b/lib/efi_loader/efi_bootmgr.c
index 1e06e60963..61dc72a23d 100644
--- a/lib/efi_loader/efi_bootmgr.c
+++ b/lib/efi_loader/efi_bootmgr.c
@@ -105,10 +105,8 @@ efi_status_t efi_deserialize_load_option(struct
efi_load_option *lo, u8 *data,
if (*size < len)
return EFI_INVALID_PARAMETER;
lo->file_path = (struct efi_device_path *)data;
- /*
- * TODO: validate device path. There should be an end node within
- * the indicated file_path_length.
- */
+ if (efi_dp_check_length(lo->file_path, len) < 0)
+ return EFI_INVALID_PARAMETER;
data += len;
*size -= len;
--
2.28.0
