| Message ID | 1431686131-12311-1-git-send-email-colin.king@canonical.com |
|---|---|
| State | Accepted |
| Headers | show |
On 05/15/2015 03:35 AM, Colin King wrote: > From: Colin Ian King <colin.king@canonical.com> > > The existing code passes the size of name, which turns out to be a 4 or > 8 depending on a 32 or 64 bit machine because name is a pointer and not > a buffer. Fix this by making name a variable sized array; this also > allows us to remove the complexity of allocation failure handling too. > > Signed-off-by: Colin Ian King <colin.king@canonical.com> > --- > src/uefi/uefirtvariable/uefirtvariable.c | 19 +++++++------------ > 1 file changed, 7 insertions(+), 12 deletions(-) > > diff --git a/src/uefi/uefirtvariable/uefirtvariable.c b/src/uefi/uefirtvariable/uefirtvariable.c > index 0617ff4..e59e005 100644 > --- a/src/uefi/uefirtvariable/uefirtvariable.c > +++ b/src/uefi/uefirtvariable/uefirtvariable.c > @@ -633,7 +633,6 @@ static int getnextvariable_test3(fwts_framework *fw) > uint64_t maxvariablenamesize = variablenamesize; > uint16_t *variablename; > EFI_GUID vendorguid; > - char *name; > int ret; > > variablename = malloc(sizeof(uint16_t) * variablenamesize); > @@ -730,17 +729,13 @@ static int getnextvariable_test3(fwts_framework *fw) > item->hash = hash_func(variablename, variablenamesize); > > if (bucket_insert(item)) { > - name = malloc(variablenamesize * sizeof(char)); > - if (name) { > - fwts_uefi_str16_to_str(name, sizeof(name), variablename); > - fwts_failed(fw, LOG_LEVEL_HIGH, > - "UEFIRuntimeGetNextVariableName", > - "Duplicate variable name %s found.", name); > - free(name); > - } else > - fwts_failed(fw, LOG_LEVEL_HIGH, > - "UEFIRuntimeGetNextVariableName", > - "Duplicate variable name found (too long name)."); > + char name[variablenamesize]; > + > + fwts_uefi_str16_to_str(name, sizeof(name), variablename); > + fwts_failed(fw, LOG_LEVEL_HIGH, > + "UEFIRuntimeGetNextVariableName", > + "Duplicate variable name %s found.", name); > + > free(item->name); > free(item->guid); > free(item); > Acked-by: Alex Hung <alex.hung@canonical.com>
On 2015年05月15日 18:35, Colin King wrote: > From: Colin Ian King <colin.king@canonical.com> > > The existing code passes the size of name, which turns out to be a 4 or > 8 depending on a 32 or 64 bit machine because name is a pointer and not > a buffer. Fix this by making name a variable sized array; this also > allows us to remove the complexity of allocation failure handling too. > > Signed-off-by: Colin Ian King <colin.king@canonical.com> > --- > src/uefi/uefirtvariable/uefirtvariable.c | 19 +++++++------------ > 1 file changed, 7 insertions(+), 12 deletions(-) > > diff --git a/src/uefi/uefirtvariable/uefirtvariable.c b/src/uefi/uefirtvariable/uefirtvariable.c > index 0617ff4..e59e005 100644 > --- a/src/uefi/uefirtvariable/uefirtvariable.c > +++ b/src/uefi/uefirtvariable/uefirtvariable.c > @@ -633,7 +633,6 @@ static int getnextvariable_test3(fwts_framework *fw) > uint64_t maxvariablenamesize = variablenamesize; > uint16_t *variablename; > EFI_GUID vendorguid; > - char *name; > int ret; > > variablename = malloc(sizeof(uint16_t) * variablenamesize); > @@ -730,17 +729,13 @@ static int getnextvariable_test3(fwts_framework *fw) > item->hash = hash_func(variablename, variablenamesize); > > if (bucket_insert(item)) { > - name = malloc(variablenamesize * sizeof(char)); > - if (name) { > - fwts_uefi_str16_to_str(name, sizeof(name), variablename); > - fwts_failed(fw, LOG_LEVEL_HIGH, > - "UEFIRuntimeGetNextVariableName", > - "Duplicate variable name %s found.", name); > - free(name); > - } else > - fwts_failed(fw, LOG_LEVEL_HIGH, > - "UEFIRuntimeGetNextVariableName", > - "Duplicate variable name found (too long name)."); > + char name[variablenamesize]; > + > + fwts_uefi_str16_to_str(name, sizeof(name), variablename); > + fwts_failed(fw, LOG_LEVEL_HIGH, > + "UEFIRuntimeGetNextVariableName", > + "Duplicate variable name %s found.", name); > + > free(item->name); > free(item->guid); > free(item); Acked-by: Ivan Hu<ivan.hu@canonical.com>
diff --git a/src/uefi/uefirtvariable/uefirtvariable.c b/src/uefi/uefirtvariable/uefirtvariable.c index 0617ff4..e59e005 100644 --- a/src/uefi/uefirtvariable/uefirtvariable.c +++ b/src/uefi/uefirtvariable/uefirtvariable.c @@ -633,7 +633,6 @@ static int getnextvariable_test3(fwts_framework *fw) uint64_t maxvariablenamesize = variablenamesize; uint16_t *variablename; EFI_GUID vendorguid; - char *name; int ret; variablename = malloc(sizeof(uint16_t) * variablenamesize); @@ -730,17 +729,13 @@ static int getnextvariable_test3(fwts_framework *fw) item->hash = hash_func(variablename, variablenamesize); if (bucket_insert(item)) { - name = malloc(variablenamesize * sizeof(char)); - if (name) { - fwts_uefi_str16_to_str(name, sizeof(name), variablename); - fwts_failed(fw, LOG_LEVEL_HIGH, - "UEFIRuntimeGetNextVariableName", - "Duplicate variable name %s found.", name); - free(name); - } else - fwts_failed(fw, LOG_LEVEL_HIGH, - "UEFIRuntimeGetNextVariableName", - "Duplicate variable name found (too long name)."); + char name[variablenamesize]; + + fwts_uefi_str16_to_str(name, sizeof(name), variablename); + fwts_failed(fw, LOG_LEVEL_HIGH, + "UEFIRuntimeGetNextVariableName", + "Duplicate variable name %s found.", name); + free(item->name); free(item->guid); free(item);