Re: [PATCH v2] efi: fix a race and a buffer overflow while reading efivars via sysfs
From: Vladis Dronov
Date: Thu Mar 05 2020 - 01:17:36 EST
Hello, Joey, all,
> > - var->DataSize = 1024;
> > - if (efivar_entry_get(entry, &entry->var.Attributes,
> > - &entry->var.DataSize, entry->var.Data))
> > + ret = efivar_entry_get(entry, &var->Attributes, &datasize, var->Data);
> > + var->DataSize = size;
>
> The size is indeterminate here. I think that it should uses datasize?
> var->DataSize = datasize;
Indeed, my mistake. Thank you much! I will fix it in the v3 patchset I'm
currently composing.
Best regards,
Vladis Dronov | Red Hat, Inc. | The Core Kernel | Senior Software Engineer