We have to check the pointer before dereferencing it. The patch fixes such issues in the efivars module.
Signed-off-by: Andy Shevchenko <andy.shevchenko@xxxxxxxxx>
---
 drivers/firmware/efi/efivars.c | 24 +++++++++++++++++-------
 1 file changed, 17 insertions(+), 7 deletions(-)
diff --git a/drivers/firmware/efi/efivars.c b/drivers/firmware/efi/efivars.c
index f256ecd..e62ef79 100644
--- a/drivers/firmware/efi/efivars.c
+++ b/drivers/firmware/efi/efivars.c
@@ -122,12 +122,14 @@ efivar_create_sysfs_entry(struct efivar_entry *new_var);
 static ssize_t
 efivar_guid_read(struct efivar_entry *entry, char *buf)
 {
- struct efi_variable *var = &entry->var;
+ struct efi_variable *var;
 char *str = buf;
 if (!entry || !buf)
 return 0;
+ var = &entry->var;
+
 efi_guid_unparse(&var->VendorGuid, str);
 str += strlen(str);
 str += sprintf(str, "\n");
@@ -138,12 +140,14 @@ efivar_guid_read(struct efivar_entry *entry, char *buf)
 static ssize_t
 efivar_attr_read(struct efivar_entry *entry, char *buf)
 {
- struct efi_variable *var = &entry->var;
+ struct efi_variable *var;
 char *str = buf;
 if (!entry || !buf)
 return -EINVAL;
+ var = &entry->var;
+
 var->DataSize = 1024;
 if (efivar_entry_get(entry, &var->Attributes, &var->DataSize, var->Data))
 return -EIO;
@@ -171,12 +175,14 @@ efivar_attr_read(struct efivar_entry *entry, char *buf)
 static ssize_t
 efivar_size_read(struct efivar_entry *entry, char *buf)
 {
- struct efi_variable *var = &entry->var;
+ struct efi_variable *var;
 char *str = buf;
 if (!entry || !buf)
 return -EINVAL;
+ var = &entry->var;
+
 var->DataSize = 1024;
 if (efivar_entry_get(entry, &var->Attributes, &var->DataSize, var->Data))
 return -EIO;
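Review bot: In efivar_guid_read (hunk @@ -122) the guard `if (!entry || !buf) return 0;` reports a NULL argument as a successful zero-length read, while efivar_attr_read, efivar_size_read and efivar_data_read return -EINVAL for the identical condition; efivar_show_raw in the last hunk has the same `return 0`. Since the patch exists to make these guards meaningful, they should fail the same way, e.g. `return -EINVAL;`, so that a caller can tell a bad argument from an empty attribute. The tail of efivar_guid_read lies outside the hunk.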
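Review bot: `var->DataSize = 1024;` in efivar_attr_read (hunk @@ -138) hard-codes the capacity that efivar_entry_get() is told it may fill at `var->Data`, and the same literal recurs in the efivar_size_read, efivar_data_read and efivar_show_raw hunks. The declaration of Data is not part of this patch, but if it is a fixed-size array member the length should be derived from the object so the constant and the buffer cannot drift apart: `var->DataSize = sizeof(var->Data);`. The remainder of each function is outside its hunk.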
@@ -188,11 +194,13 @@ efivar_size_read(struct efivar_entry *entry, char *buf)
 static ssize_t
 efivar_data_read(struct efivar_entry *entry, char *buf)
 {
- struct efi_variable *var = &entry->var;
+ struct efi_variable *var;
 if (!entry || !buf)
 return -EINVAL;
+ var = &entry->var;
+
 var->DataSize = 1024;
 if (efivar_entry_get(entry, &var->Attributes, &var->DataSize, var->Data))
 return -EIO;
@@ -280,7 +288,7 @@ efivar_store_raw(struct efivar_entry *entry, const char *buf, size_t count)
 if (err)
 return err;
- copy_out_compat(&entry->var, compat);
+ copy_out_compat(var, compat);
 } else {
 if (count != sizeof(struct efi_variable))
 return -EINVAL;
@@ -297,7 +305,7 @@ efivar_store_raw(struct efivar_entry *entry, const char *buf, size_t count)
 if (err)
 return err;
- memcpy(&entry->var, new_var, count);
+ memcpy(var, new_var, count);
 }
 err = efivar_entry_set(entry, attributes, size, data, NULL);
@@ -312,13 +320,15 @@ efivar_store_raw(struct efivar_entry *entry, const char *buf, size_t count)
 static ssize_t
 efivar_show_raw(struct efivar_entry *entry, char *buf)
 {
- struct efi_variable *var = &entry->var;
+ struct efi_variable *var;
 struct compat_efi_variable *compat;
 size_t size;
 if (!entry || !buf)
 return 0;
+ var = &entry->var;
+
 var->DataSize = 1024;
 if (efivar_entry_get(entry, &entry->var.Attributes, &entry->var.DataSize, entry->var.Data))
--
1.8.3.101.g727a46b
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
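Review bot: efivar_store_raw is the one function in this patch that does not get the check-then-assign treatment: hunks @@ -280 and @@ -297 switch to `var`, but its declaration and any `!entry` test are outside the visible lines, so if it is still initialised from `&entry->var` at declaration the function stays inconsistent with the five readers. Separately, in the @@ -297 hunk `memcpy(var, new_var, count);` overwrites the cached variable before `efivar_entry_set()` is called, so a failed firmware write appears to leave entry->var holding contents that were never stored. Consider updating the cached copy only once `err` is known to be 0; the same ordering applies to `copy_out_compat(var, compat);` in the compat branch. How `err` is handled after the call is outside the hunk.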
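Review bot: In efivar_show_raw (hunk @@ -312) the efivar_entry_get() call directly below the new assignment still spells out `&entry->var.Attributes, &entry->var.DataSize, entry->var.Data`, whereas the attr, size and data readers pass `&var->Attributes, &var->DataSize, var->Data`. Now that `var` is assigned only after the NULL check, using it here as well keeps every access going through the checked pointer and makes the four readers read alike. The if statement and the rest of the function continue past the end of the hunk.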