diff options
| -rw-r--r-- | src/interface/efi/efi_init.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/interface/efi/efi_init.c b/src/interface/efi/efi_init.c index 284c39b..e1041a5 100644 --- a/src/interface/efi/efi_init.c +++ b/src/interface/efi/efi_init.c @@ -21,6 +21,7 @@ FILE_LICENCE ( GPL2_OR_LATER ); #include <string.h> #include <errno.h> +#include <endian.h> #include <ipxe/init.h> #include <ipxe/rotate.h> #include <ipxe/efi/efi.h> @@ -128,6 +129,13 @@ efi_stack_cookie ( EFI_HANDLE handle ) { */ cookie <<= 8; + /* Ensure that the NUL byte is placed at the bottom of the + * stack cookie, to avoid potential disclosure via an + * unterminated string. + */ + if ( __BYTE_ORDER == __BIG_ENDIAN ) + cookie >>= 8; + return cookie; } |