Re: [PATCH] efi: fix a race and a buffer overflow while reading efivars via sysfs

From: Ard Biesheuvel
Date: Wed Mar 04 2020 - 10:47:50 EST

Next message: KP Singh: "[PATCH bpf-next v3 0/7] Introduce BPF_MODIFY_RET tracing progs"
Previous message: Arnaldo Carvalho de Melo: "Re: [PATCH 01/12] perf tools: Add hw_idx in struct branch_stack"
In reply to: Vladis Dronov: "Re: [PATCH] efi: fix a race and a buffer overflow while reading efivars via sysfs"
Next in thread: Vladis Dronov: "[PATCH v2] efi: fix a race and a buffer overflow while reading efivars via sysfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 4 Mar 2020 at 16:45, Vladis Dronov <vdronov@xxxxxxxxxx> wrote:
>
> Hello, Ard,
>
> > Wouldn't it be easier to pass a var_data_size stack variable into
> > efivar_entry_get(), and only update the value in 'var' if it is <=
> > 1024?
>
> I have prepared a v2 patch with an approach you suggest and will send it
> out shortly. It indeed simpler and fixes only the overflow bug mentioned.
>
> Could you, please, review it and if you like it, probably, accept it?
> In case I've implemented your idea incorrectly, could you, please,
> correct me?
>

Absolutely! Thanks for taking the time to fix these bugs, your
contributions are most welcome (and apologies if my responses
suggested otherwise)

Next message: KP Singh: "[PATCH bpf-next v3 0/7] Introduce BPF_MODIFY_RET tracing progs"
Previous message: Arnaldo Carvalho de Melo: "Re: [PATCH 01/12] perf tools: Add hw_idx in struct branch_stack"
In reply to: Vladis Dronov: "Re: [PATCH] efi: fix a race and a buffer overflow while reading efivars via sysfs"
Next in thread: Vladis Dronov: "[PATCH v2] efi: fix a race and a buffer overflow while reading efivars via sysfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]