projects / oweals / u-boot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c5c6576)
efi_loader: image_loader: fix a Coverity check against array access
authorAKASHI Takahiro <takahiro.akashi@linaro.org>
Fri, 8 May 2020 05:51:59 +0000 (14:51 +0900)
committerHeinrich Schuchardt <xypron.glpk@gmx.de>
Sat, 9 May 2020 07:30:27 +0000 (09:30 +0200)
Coverity detected:
  Using "&opt->CheckSum" as an array.  This might corrupt or misinterpret
  adjacent memory locations.

The code should work as far as a structure, IMAGE_OPTIONAL_HEADER(64) is
packed, but modify it in more logical form. Subsystem is a member next to
CheckSum.

Reported-by: Coverity (CID 300339)
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
lib/efi_loader/efi_image_loader.c patch | blob | history

diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
index 4e075ae416e66e8be2b0053f1807b60710751d58..5dd601908d524652e41dc5b3813324a62c7f963b 100644 (file)
--- a/lib/efi_loader/efi_image_loader.c
+++ b/lib/efi_loader/efi_image_loader.c
@@ -293,12 +293,12 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
                efi_image_region_add(regs, efi, &opt->CheckSum, 0);
                if (nt64->OptionalHeader.NumberOfRvaAndSizes <= ctidx) {
                        efi_image_region_add(regs,
-                                            &opt->CheckSum + 1,
+                                            &opt->Subsystem,
                                             efi + opt->SizeOfHeaders, 0);
                } else {
                        /* Skip Certificates Table */
                        efi_image_region_add(regs,
-                                            &opt->CheckSum + 1,
+                                            &opt->Subsystem,
                                             &opt->DataDirectory[ctidx], 0);
                        efi_image_region_add(regs,
                                             &opt->DataDirectory[ctidx] + 1,
@@ -313,7 +313,7 @@ bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
                IMAGE_OPTIONAL_HEADER32 *opt = &nt->OptionalHeader;
 
                efi_image_region_add(regs, efi, &opt->CheckSum, 0);
-               efi_image_region_add(regs, &opt->CheckSum + 1,
+               efi_image_region_add(regs, &opt->Subsystem,
                                     &opt->DataDirectory[ctidx], 0);
                efi_image_region_add(regs, &opt->DataDirectory[ctidx] + 1,
                                     efi + opt->SizeOfHeaders, 0);
Unnamed repository; edit this file 'description' to name the repository.