Diffstat (limited to 'libstb/secvar/backend/edk2-compat-process.c')
-rw-r--r--libstb/secvar/backend/edk2-compat-process.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/libstb/secvar/backend/edk2-compat-process.c b/libstb/secvar/backend/edk2-compat-process.c
index 037c1b4..55b50d6 100644
--- a/libstb/secvar/backend/edk2-compat-process.c
+++ b/libstb/secvar/backend/edk2-compat-process.c
@@ -135,8 +135,12 @@ static int get_esl_cert(const char *buf, const size_t buflen, char **cert)
sig_data_offset = sizeof(EFI_SIGNATURE_LIST)
+ le32_to_cpu(list->SignatureHeaderSize)
+ 16 * sizeof(uint8_t);
- if (sig_data_offset > buflen)
+
+ /* Ensure this ESL does not overflow the bounds of the buffer */
+ if (sig_data_offset + size > buflen) {
+ prlog(PR_ERR, "Number of bytes of ESL data is less than size specified\n");
return OPAL_PARAMETER;
+ }
*cert = zalloc(size);
if (!(*cert))