Message ID | 20220531071535.219661-2-sughosh.ganu@linaro.org |
---|---|
State | Superseded |
Series | EFI: Miscellaneous capsule update fixes |
On 5/31/22 09:15, Sughosh Ganu wrote:
> The GetImageInfo function of the Firmware Management Protocol (FMP) gets
> called initially to query the size of the image descriptor array that
> would have to be allocated. During this call, the rest of the function
> arguments, specifically pointers, might be passed as NULL. Do not
> populate the descriptor_count value before it is known that the call
> to GetImageInfo has been made with the allocated buffer for the image
> descriptors.
>
> Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

> --- > lib/efi_loader/efi_firmware.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c > index 27953fe769..6290ca0190 100644 > --- a/lib/efi_loader/efi_firmware.c > +++ b/lib/efi_loader/efi_firmware.c > @@ -130,9 +130,6 @@ static efi_status_t efi_fill_image_desc_array( > struct efi_fw_image *fw_array; > int i; > > - fw_array = update_info.images; > - *descriptor_count = num_image_type_guids; > - > total_size = sizeof(*image_info) * num_image_type_guids; > > if (*image_info_size < total_size) { > @@ -142,6 +139,8 @@ static efi_status_t efi_fill_image_desc_array( > } > *image_info_size = total_size; > > + fw_array = update_info.images; > + *descriptor_count = num_image_type_guids; > *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION; > *descriptor_size = sizeof(*image_info); > *package_version = 0xffffffff; /* not supported */
On Wed, 1 Jun 2022 at 08:49, Heinrich Schuchardt <xypron.glpk@gmx.de> wrote:
>
> On 5/31/22 09:15, Sughosh Ganu wrote:
> > The GetImageInfo function of the Firmware Management Protocol (FMP) gets
> > called initially to query the size of the image descriptor array that
> > would have to be allocated. During this call, the rest of the function
> > arguments, specifically pointers, might be passed as NULL. Do not
> > populate the descriptor_count value before it is known that the call
> > to GetImageInfo has been made with the allocated buffer for the image
> > descriptors.
> >
> > Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
>
> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
>
> > --- > > lib/efi_loader/efi_firmware.c | 5 ++--- > > 1 file changed, 2 insertions(+), 3 deletions(-) > > > > diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c > > index 27953fe769..6290ca0190 100644 > > --- a/lib/efi_loader/efi_firmware.c > > +++ b/lib/efi_loader/efi_firmware.c > > @@ -130,9 +130,6 @@ static efi_status_t efi_fill_image_desc_array( > > struct efi_fw_image *fw_array; > > int i; > > > > - fw_array = update_info.images; > > - *descriptor_count = num_image_type_guids; > > - > > total_size = sizeof(*image_info) * num_image_type_guids; > > > > if (*image_info_size < total_size) { > > @@ -142,6 +139,8 @@ static efi_status_t efi_fill_image_desc_array( > > } > > *image_info_size = total_size; > > > > + fw_array = update_info.images; > > + *descriptor_count = num_image_type_guids; > > *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION; > > *descriptor_size = sizeof(*image_info); > > *package_version = 0xffffffff; /* not supported */
>

Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c index 27953fe769..6290ca0190 100644 --- a/lib/efi_loader/efi_firmware.c +++ b/lib/efi_loader/efi_firmware.c @@ -130,9 +130,6 @@ static efi_status_t efi_fill_image_desc_array( struct efi_fw_image *fw_array; int i; - fw_array = update_info.images; - *descriptor_count = num_image_type_guids; - total_size = sizeof(*image_info) * num_image_type_guids; if (*image_info_size < total_size) { @@ -142,6 +139,8 @@ static efi_status_t efi_fill_image_desc_array( } *image_info_size = total_size; + fw_array = update_info.images; + *descriptor_count = num_image_type_guids; *descriptor_version = EFI_FIRMWARE_IMAGE_DESCRIPTOR_VERSION; *descriptor_size = sizeof(*image_info); *package_version = 0xffffffff; /* not supported */
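Review bot: In the first hunk (-130,9 +130,6), moving `fw_array = update_info.images;` is not needed for the fix, because that assignment touches no caller-supplied pointer; only the `*descriptor_count` write had to move below the size check. Leaving the fw_array line in place would reduce the change to the one statement that matters. With the early write gone, descriptor_count is also no longer set on the path that enters `if (*image_info_size < total_size)`, unless the lines of that branch not shown here set it, so a short comment at the size check saying the out-parameters are left untouched on that path would help callers.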
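Review bot: In the second hunk (-142,6 +139,8), the writes through descriptor_count, descriptor_version, descriptor_size and package_version still run unconditionally once the size check passes, so a caller that passes a large enough `*image_info_size` but leaves any of these pointers NULL would still hit a NULL dereference. The fix relies on ordering alone. Consider checking these pointers before the assignments, or noting in a comment that the caller has already validated them when the buffer size is sufficient.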
The GetImageInfo function of the Firmware Management Protocol (FMP) gets called initially to query the size of the image descriptor array that would have to be allocated. During this call, the rest of the function arguments, specifically pointers, might be passed as NULL. Do not populate the descriptor_count value before it is known that the call to GetImageInfo has been made with the allocated buffer for the image descriptors.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>

---
lib/efi_loader/efi_firmware.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
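The two-call sequence the commit message describes (a sizing call with NULL out-pointers, then the call with an allocated buffer), as an added example that is not part of the patch or of U-Boot. The types, status codes, function names and `DESC_VERSION` are constructed stand-ins, and the NULL check after the size test is an assumed extra guard, not something the patch does.

```c
#include <stddef.h>
#include <stdint.h>
/* Constructed stand-ins for the EFI types and status codes. */
enum status { ST_SUCCESS, ST_INVALID_PARAMETER, ST_BUFFER_TOO_SMALL };
struct image_desc { uint8_t index; uint32_t version; };
#define NUM_IMAGES   2
#define DESC_VERSION 4 /* constructed value */

/* Size check first; optional out-pointers are written only afterwards. */
static enum status fill_desc_array(size_t *info_size, struct image_desc *info,
        uint32_t *desc_version, uint8_t *desc_count, size_t *desc_size)
{
    size_t total = sizeof(*info) * NUM_IMAGES;
    if (!info_size)
        return ST_INVALID_PARAMETER;
    if (*info_size < total) {   /* the sizing call ends here */
        *info_size = total;     /* report the required size, nothing else */
        return ST_BUFFER_TOO_SMALL;
    }
    /* Assumed extra guard: buffer is large enough but out-pointers are NULL. */
    if (!info || !desc_version || !desc_count || !desc_size)
        return ST_INVALID_PARAMETER;
    *info_size = total;
    *desc_count = NUM_IMAGES;
    *desc_version = DESC_VERSION;
    *desc_size = sizeof(*info);
    for (int i = 0; i < NUM_IMAGES; i++)
        info[i] = (struct image_desc){ .index = (uint8_t)(i + 1), .version = 0 };
    return ST_SUCCESS;
}

/* Caller: size query with NULL pointers, then the call with a real buffer. */
static int query_images(struct image_desc *buf, size_t buf_len, uint8_t *count)
{
    size_t size = 0, dsize = 0;
    uint32_t dver = 0;
    if (fill_desc_array(&size, NULL, NULL, NULL, NULL) != ST_BUFFER_TOO_SMALL ||
        size > buf_len)
        return -1;
    if (fill_desc_array(&size, buf, &dver, count, &dsize) != ST_SUCCESS)
        return -1;
    return (int)(size / dsize);  /* number of descriptors written */
}

int main(void)
{
    struct image_desc buf[NUM_IMAGES];
    uint8_t count = 0;
    return query_images(buf, sizeof(buf), &count) == NUM_IMAGES ? 0 : 1;
}
```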