diff options
Diffstat (limited to 'libstb/secvar/backend/edk2-compat-process.c')
-rw-r--r-- | libstb/secvar/backend/edk2-compat-process.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/libstb/secvar/backend/edk2-compat-process.c b/libstb/secvar/backend/edk2-compat-process.c index 037c1b4..55b50d6 100644 --- a/libstb/secvar/backend/edk2-compat-process.c +++ b/libstb/secvar/backend/edk2-compat-process.c @@ -135,8 +135,12 @@ static int get_esl_cert(const char *buf, const size_t buflen, char **cert) sig_data_offset = sizeof(EFI_SIGNATURE_LIST) + le32_to_cpu(list->SignatureHeaderSize) + 16 * sizeof(uint8_t); - if (sig_data_offset > buflen) + + /* Ensure this ESL does not overflow the bounds of the buffer */ + if (sig_data_offset + size > buflen) { + prlog(PR_ERR, "Number of bytes of ESL data is less than size specified\n"); return OPAL_PARAMETER; + } *cert = zalloc(size); if (!(*cert)) |