sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2026-05-08 15:02:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

[efi] Ensure NUL byte is at lowest address within stack cookie

Browse Source 
The NUL byte included within the stack cookie to act as a string
terminator should be placed at the lowest byte address within the
stack cookie, in order to avoid potentially including the stack cookie
value within an accidentally unterminated string.

Suggested-by: Pete Beck <pete.beck@ioactive.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2020-07-09 14:20:53 +01:00
parent fcdd9c0982
commit b6eecb182e
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/interface/efi/efi_init.c
+8
View File
@@ -21,6 +21,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <string.h> #include <string.h>
#include <errno.h> #include <errno.h>
#include <endian.h>
#include <ipxe/init.h> #include <ipxe/init.h>
#include <ipxe/rotate.h> #include <ipxe/rotate.h>
#include <ipxe/efi/efi.h> #include <ipxe/efi/efi.h>
@@ -128,6 +129,13 @@ efi_stack_cookie ( EFI_HANDLE handle ) {
*/ */
cookie <<= 8; cookie <<= 8;
/* Ensure that the NUL byte is placed at the bottom of the
* stack cookie, to avoid potential disclosure via an
* unterminated string.
*/
if ( __BYTE_ORDER == __BIG_ENDIAN )
cookie >>= 8;
return cookie; return cookie;
} }