efi_loader: parameter checks SetVariable()

Return EFI_INVALID_PARAMETER if the variable name has zero length or the
variable has runtime access but not boottime access.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c
index e56053194daec46642103607904e85ed4f37aa3c..1d1b23b0e550ec2961e6ce31b1e6d446ecbff2d5 100644 (file)
--- a/lib/efi_loader/efi_variable.c
+++ b/lib/efi_loader/efi_variable.c
@@ -430,7 +430,9 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
                  data_size, data);
 
        /* TODO: implement APPEND_WRITE */
-       if (!variable_name || !vendor ||
+       if (!variable_name || !*variable_name || !vendor ||
+           ((attributes & EFI_VARIABLE_RUNTIME_ACCESS) &&
+            !(attributes & EFI_VARIABLE_BOOTSERVICE_ACCESS)) ||
            (attributes & EFI_VARIABLE_APPEND_WRITE)) {
                ret = EFI_INVALID_PARAMETER;
                goto out;