diff --git a/dp_h-check-_ucs2size-in-format_ucs2.patch b/dp_h-check-_ucs2size-in-format_ucs2.patch new file mode 100644 index 0000000..a7b8fa0 --- /dev/null +++ b/dp_h-check-_ucs2size-in-format_ucs2.patch @@ -0,0 +1,26 @@ +From 3f233dd9c8cbb267b2cf931c6191e650e8ab8a5f Mon Sep 17 00:00:00 2001 +From: Qiumiao Zhang +Date: Sat, 26 Aug 2023 14:36:24 +0800 +Subject: [PATCH] dp.h: check _ucs2size in format_ucs2() + +Signed-off-by: Qiumiao Zhang +--- + src/dp.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/dp.h b/src/dp.h +index 8290cc1..27f7650 100644 +--- a/src/dp.h ++++ b/src/dp.h +@@ -123,7 +123,7 @@ format_vendor_helper(unsigned char *buf, size_t size, char *label, + uint16_t *_ucs2buf; \ + uint32_t _ucs2size = sizeof(uint16_t) * len; \ + _ucs2buf = alloca(_ucs2size); \ +- if (_ucs2buf == NULL) \ ++ if (_ucs2buf == NULL || _ucs2size < sizeof(uint16_t)) \ + return -1; \ + memset(_ucs2buf, '\0', _ucs2size); \ + memcpy(_ucs2buf, str, _ucs2size - sizeof(uint16_t)); \ +-- +2.23.0 + diff --git a/efivar.spec b/efivar.spec index 34970b1..3c95782 100644 --- a/efivar.spec +++ b/efivar.spec @@ -1,6 +1,6 @@ Name: efivar Version: 38 -Release: 2 +Release: 3 Summary: Tools and libraries to work with EFI variables License: LGPL-2.1-only URL: https://github.com/rhboot/%{name} @@ -11,6 +11,7 @@ Patch0002: 0002-Fix-glibc-2.36-build-mount.h-conflicts.patch %ifarch sw_64 Patch0003: efivar-37-sw.patch %endif +Patch9000: dp_h-check-_ucs2size-in-format_ucs2.patch BuildRequires: popt-devel glibc-static BuildRequires: gcc mandoc @@ -72,6 +73,12 @@ install -m 0644 src/abignore %{buildroot}%{_includedir}/efivar/.abignore %{_mandir}/man3/* %changelog +* Tue Sep 12 2023 zhangqiumiao - 38-3 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:dp.h: check _ucs2size in format_ucs2() + * Wed Apr 26 2023 panchenbo - 38-2 - ID:NA - SUG:NA