diff options
| author | Jan Janssen <medhefgo@web.de> | 2021-12-27 22:41:50 +0100 |
|---|---|---|
| committer | Jan Janssen <medhefgo@web.de> | 2021-12-27 22:41:50 +0100 |
| commit | fab82756462fd0ce82836e3d95721954d7ab2527 (patch) | |
| tree | 7648cf3dbac0a348ada7e7e9ebac2a82d032c1f5 | |
| parent | build(deps): bump github/super-linter from 4.8.4 to 4.8.5 (diff) | |
| download | systemd-fab82756462fd0ce82836e3d95721954d7ab2527.tar.xz systemd-fab82756462fd0ce82836e3d95721954d7ab2527.zip | |
boot: Fix off-by-one NUL-termination
| -rw-r--r-- | src/boot/efi/bcd.c | 2 | ||||
| -rw-r--r-- | src/boot/efi/util.c | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/src/boot/efi/bcd.c b/src/boot/efi/bcd.c index 970c8b1c8e..1f9f19ba63 100644 --- a/src/boot/efi/bcd.c +++ b/src/boot/efi/bcd.c @@ -316,6 +316,6 @@ TEST_STATIC CHAR16 *get_bcd_title(UINT8 *bcd, UINTN bcd_len) { /* The data should already be NUL-terminated. */ CHAR16 *title = (CHAR16 *) (bcd + description_value->data_offset); - title[description_value->data_size / sizeof(CHAR16)] = '\0'; + title[description_value->data_size / sizeof(CHAR16) - 1] = '\0'; return title; } diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c index 6db4ab3969..76e4eef1eb 100644 --- a/src/boot/efi/util.c +++ b/src/boot/efi/util.c @@ -174,7 +174,7 @@ EFI_STATUS efivar_get(const EFI_GUID *vendor, const CHAR16 *name, CHAR16 **value return EFI_SUCCESS; /* Return buffer directly if it happens to be NUL terminated already */ - if (size >= sizeof(CHAR16) && buf[size/sizeof(CHAR16)] == 0) { + if (size >= sizeof(CHAR16) && buf[size / sizeof(CHAR16) - 1] == 0) { *value = TAKE_PTR(buf); return EFI_SUCCESS; } @@ -183,7 +183,7 @@ EFI_STATUS efivar_get(const EFI_GUID *vendor, const CHAR16 *name, CHAR16 **value val = xallocate_pool(size + sizeof(CHAR16)); CopyMem(val, buf, size); - val[size / sizeof(CHAR16)] = 0; /* NUL terminate */ + val[size / sizeof(CHAR16) - 1] = 0; /* NUL terminate */ *value = val; return EFI_SUCCESS; |