leandrof/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

efi_loader: image_loader: fix a Coverity check against array access

Browse Source 
Coverity detected:
  Using "&opt->CheckSum" as an array.  This might corrupt or misinterpret
  adjacent memory locations.

The code should work as far as a structure, IMAGE_OPTIONAL_HEADER(64) is
packed, but modify it in more logical form. Subsystem is a member next to
CheckSum.

Reported-by: Coverity (CID 300339)
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This commit is contained in:
AKASHI Takahiro 2020-05-08 14:51:59 +09:00 committed by Heinrich Schuchardt
parent c5c657644b
commit 52d7bfe787
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/efi_loader/efi_image_loader.c
View File

@ -293,12 +293,12 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
efi_image_region_add(regs, efi, &opt->CheckSum, 0);
if (nt64->OptionalHeader.NumberOfRvaAndSizes <= ctidx) {
efi_image_region_add(regs,
&opt->CheckSum + 1,
&opt->Subsystem,
efi + opt->SizeOfHeaders, 0);
} else {
/* Skip Certificates Table */
efi_image_region_add(regs,
&opt->CheckSum + 1,
&opt->Subsystem,
&opt->DataDirectory[ctidx], 0);
efi_image_region_add(regs,
&opt->DataDirectory[ctidx] + 1,
@ -313,7 +313,7 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
IMAGE_OPTIONAL_HEADER32 *opt = &nt->OptionalHeader;
efi_image_region_add(regs, efi, &opt->CheckSum, 0);
efi_image_region_add(regs, &opt->CheckSum + 1,
efi_image_region_add(regs, &opt->Subsystem,
&opt->DataDirectory[ctidx], 0);
efi_image_region_add(regs, &opt->DataDirectory[ctidx] + 1,
efi + opt->SizeOfHeaders, 0);