projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ad38db5) | patch
EFI: don't leak heap contents through XEN_EFI_get_next_variable_name
authorJan Beulich <jbeulich@suse.com>
Thu, 6 Feb 2020 08:52:33 +0000 (09:52 +0100)
committerJan Beulich <jbeulich@suse.com>
Thu, 6 Feb 2020 08:52:33 +0000 (09:52 +0100)
commit4783ee894f6bfb0f4deec9f1fe8e7faceafaa1a2
tree9b59398f944f1f9777f8d7de0530ebc79bf8f02dtree | snapshot
parentad38db5852f0e30d90c93c6a62b754f2861549e0commit | diff
EFI: don't leak heap contents through XEN_EFI_get_next_variable_name

Commit 1f4eb9d27d0e ("EFI: fix getting EFI variable list on some
systems") switched to using the caller provided size for the copy-out
without making sure the copied buffer is properly scrubbed.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: George Dunlap <george.dunlap@citrix.com>
xen/common/efi/runtime.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.