efi_loader: parameter check in SetVirtualAddressMap

Check the parameters DescriptorSize and DescriptiorVersion of
SetVirtualAddressMap() as prescribed by the UEFI specification.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

diff --git a/lib/efi_loader/efi_runtime.c b/lib/efi_loader/efi_runtime.c
index fb2413146200a428b3b8347dade6097a4e96aa73..54e5a98bfc6cc2518351ebe595e3cf1a42e7c47d 100644 (file)
--- a/lib/efi_loader/efi_runtime.c
+++ b/lib/efi_loader/efi_runtime.c
@@ -641,12 +641,17 @@ static efi_status_t EFIAPI efi_set_virtual_address_map(
 {
        efi_uintn_t n = memory_map_size / descriptor_size;
        efi_uintn_t i;
+       efi_status_t ret = EFI_INVALID_PARAMETER;
        int rt_code_sections = 0;
        struct efi_event *event;
 
        EFI_ENTRY("%zx %zx %x %p", memory_map_size, descriptor_size,
                  descriptor_version, virtmap);
 
+       if (descriptor_version != EFI_MEMORY_DESCRIPTOR_VERSION ||
+           descriptor_size < sizeof(struct efi_mem_desc))
+               goto out;
+
        efi_virtmap = virtmap;
        efi_descriptor_size = descriptor_size;
        efi_descriptor_count = n;
@@ -677,7 +682,7 @@ static efi_status_t EFIAPI efi_set_virtual_address_map(
                 * We expose exactly one single runtime code section, so
                 * something is definitely going wrong.
                 */
-               return EFI_EXIT(EFI_INVALID_PARAMETER);
+               goto out;
        }
 
        /* Notify EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE */
@@ -738,11 +743,13 @@ static efi_status_t EFIAPI efi_set_virtual_address_map(
 
                        efi_relocate_runtime_table(new_offset);
                        efi_runtime_relocate(new_offset, map);
-                       return EFI_EXIT(EFI_SUCCESS);
+                       ret = EFI_SUCCESS;
+                       goto out;
                }
        }
 
-       return EFI_EXIT(EFI_INVALID_PARAMETER);
+out:
+       return EFI_EXIT(ret);
 }
 
 /**