From ba7bd5c2baf4a375e1c3f23fe9ede503f6435147 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Fri, 31 Aug 2018 21:31:32 +0200 Subject: [PATCH] efi_loader: don't use unlimited stack as buffer The length of a string printed to the console by the EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL is not limited by the UEFI spec. Hence should not allocate a buffer for it on the stack. Signed-off-by: Heinrich Schuchardt Signed-off-by: Alexander Graf --- lib/efi_loader/efi_console.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/lib/efi_loader/efi_console.c b/lib/efi_loader/efi_console.c index f3d612880c..f5f3f256dd 100644 --- a/lib/efi_loader/efi_console.c +++ b/lib/efi_loader/efi_console.c @@ -111,16 +111,21 @@ static efi_status_t EFIAPI efi_cout_output_string( { struct simple_text_output_mode *con = &efi_con_mode; struct cout_mode *mode = &efi_cout_modes[con->mode]; - - EFI_ENTRY("%p, %p", this, string); - - unsigned int n16 = u16_strlen(string); - char buf[MAX_UTF8_PER_UTF16 * n16 + 1]; + char *buf, *pos; u16 *p; + efi_status_t ret = EFI_SUCCESS; - *utf16_to_utf8((u8 *)buf, string, n16) = '\0'; + EFI_ENTRY("%p, %p", this, string); + buf = malloc(utf16_utf8_strlen(string) + 1); + if (!buf) { + ret = EFI_OUT_OF_RESOURCES; + goto out; + } + pos = buf; + utf16_utf8_strcpy(&pos, string); fputs(stdout, buf); + free(buf); /* * Update the cursor position. @@ -158,7 +163,8 @@ static efi_status_t EFIAPI efi_cout_output_string( con->cursor_row = min(con->cursor_row, (s32)mode->rows - 1); } - return EFI_EXIT(EFI_SUCCESS); +out: + return EFI_EXIT(ret); } static efi_status_t EFIAPI efi_cout_test_string( -- 2.25.1