tmakin/tegra-linux-noble
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

efi/libstub: Free correct pointer on failure

Browse Source 
BugLink: https://bugs.launchpad.net/bugs/2101915

commit 06d39d79cbd5a91a33707951ebf2512d0e759847 upstream.

cmdline_ptr is an out parameter, which is not allocated by the function
itself, and likely points into the caller's stack.

cmdline refers to the pool allocation that should be freed when cleaning
up after a failure, so pass this instead to free_pool().

Fixes: 42c8ea3dca ("efi: libstub: Factor out EFI stub entrypoint ...")
Cc: <stable@vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
CVE-2024-56573
Signed-off-by: Koichiro Den <koichiro.den@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
This commit is contained in:
Ard Biesheuvel
2025-03-11 08:51:19 +09:00
committed by Stefan Bader
parent 9edf5c6c12
commit 20d9f1c4b3
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
drivers/firmware/efi/libstub/efi-stub.c
+1 -1
View File
@@ -149,7 +149,7 @@ efi_status_t efi_handle_cmdline(efi_loaded_image_t *image, char **cmdline_ptr)
return EFI_SUCCESS;
fail_free_cmdline:
efi_bs_call(free_pool, cmdline_ptr);
efi_bs_call(free_pool, cmdline);
return status;
}