diff options
| author | Tormod Volden <debian.tormod@gmail.com> | 2024-07-25 14:30:56 +0200 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-10-04 21:11:41 +0000 |
| commit | 54469a6918320591a3ec318eada60aed3c75334c (patch) | |
| tree | 1ed4b90c285dcf2f94ae43be2c31d9049d2be394 | |
| parent | b21cf3bd5bd75ea831471d12bd37fe07b57ae506 (diff) | |
| download | edk2-54469a6918320591a3ec318eada60aed3c75334c.tar.gz edk2-54469a6918320591a3ec318eada60aed3c75334c.tar.bz2 edk2-54469a6918320591a3ec318eada60aed3c75334c.zip | |
ShellPkg: Fix Optional Data rewriting with bcfg
When modifying the Optional Data of a boot option with bcfg boot -opt
the result was corrupted data, for instance a concatenation of old data,
heap contents, and new data. This was due to a erronous calculation of
the original optional data length.
In addition to fixing the calculation, add explaining comments and
introduce a helper variable, to not abuse other variables and confuse
readers (including the author).
Signed-off-by: Tormod Volden <debian.tormod@gmail.com>
| -rw-r--r-- | ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.c b/ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.c index 0b94d9f5a1..3ad96647ec 100644 --- a/ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.c +++ b/ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.c @@ -99,6 +99,7 @@ UpdateOptionalData ( UINT8 *OriginalData;
UINTN NewSize;
UINT8 *NewData;
+ UINTN TmpSize;
UINTN OriginalOptionDataSize;
UnicodeSPrint (VariableName, sizeof (VariableName), L"%s%04x", Target == BcfgTargetBootOrder ? L"Boot" : L"Driver", Index);
@@ -135,11 +136,14 @@ UpdateOptionalData ( // Allocate new struct and discard old optional data.
//
ASSERT (OriginalData != NULL);
- OriginalOptionDataSize = sizeof (UINT32) + sizeof (UINT16) + StrSize (((CHAR16 *)(OriginalData + sizeof (UINT32) + sizeof (UINT16))));
- OriginalOptionDataSize += (*(UINT16 *)(OriginalData + sizeof (UINT32)));
- OriginalOptionDataSize -= OriginalSize;
- NewSize = OriginalSize - OriginalOptionDataSize + DataSize;
- NewData = AllocatePool (NewSize);
+ // Length of Attributes, FilePathListLength, Description fields
+ TmpSize = sizeof (UINT32) + sizeof (UINT16) + StrSize (((CHAR16 *)(OriginalData + sizeof (UINT32) + sizeof (UINT16))));
+ // Length of FilePathList field
+ TmpSize += (*(UINT16 *)(OriginalData + sizeof (UINT32)));
+ // What remains is the original OptionalData field
+ OriginalOptionDataSize = OriginalSize - TmpSize;
+ NewSize = OriginalSize - OriginalOptionDataSize + DataSize;
+ NewData = AllocatePool (NewSize);
if (NewData == NULL) {
Status = EFI_OUT_OF_RESOURCES;
} else {
|