efi_loader: copy GUID in InstallProtocolInterface()
InstallProtocolInterface() is called with a pointer to the protocol GUID.
There is not guarantee that the memory used by the caller for the protocol
GUID stays allocated. To play it safe the GUID should be copied to U-Boot's
internal structures.
Reported-by: Joerie de Gram <j.de.gram@gmail.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
diff --git a/include/efi_loader.h b/include/efi_loader.h
index e390d32..110d8ae 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -342,7 +342,7 @@
*/
struct efi_handler {
struct list_head link;
- const efi_guid_t *guid;
+ const efi_guid_t guid;
void *protocol_interface;
struct list_head open_infos;
};
diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index 82128ac..d0f3e05 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -552,7 +552,7 @@
struct efi_handler *protocol;
protocol = list_entry(lhandle, struct efi_handler, link);
- if (!guidcmp(protocol->guid, protocol_guid)) {
+ if (!guidcmp(&protocol->guid, protocol_guid)) {
if (handler)
*handler = protocol;
return EFI_SUCCESS;
@@ -604,7 +604,7 @@
list_for_each_entry_safe(protocol, pos, &efiobj->protocols, link) {
efi_status_t ret;
- ret = efi_remove_protocol(handle, protocol->guid,
+ ret = efi_remove_protocol(handle, &protocol->guid,
protocol->protocol_interface);
if (ret != EFI_SUCCESS)
return ret;
@@ -1131,7 +1131,7 @@
handler = calloc(1, sizeof(struct efi_handler));
if (!handler)
return EFI_OUT_OF_RESOURCES;
- handler->guid = protocol;
+ memcpy((void *)&handler->guid, protocol, sizeof(efi_guid_t));
handler->protocol_interface = protocol_interface;
INIT_LIST_HEAD(&handler->open_infos);
list_add_tail(&handler->link, &efiobj->protocols);
@@ -1227,7 +1227,7 @@
/* Count all driver associations */
list_for_each_entry(handler, &handle->protocols, link) {
- if (protocol && guidcmp(handler->guid, protocol))
+ if (protocol && guidcmp(&handler->guid, protocol))
continue;
list_for_each_entry(item, &handler->open_infos, link) {
if (item->info.attributes &
@@ -1249,7 +1249,7 @@
return EFI_OUT_OF_RESOURCES;
/* Collect unique driver handles */
list_for_each_entry(handler, &handle->protocols, link) {
- if (protocol && guidcmp(handler->guid, protocol))
+ if (protocol && guidcmp(&handler->guid, protocol))
continue;
list_for_each_entry(item, &handler->open_infos, link) {
if (item->info.attributes &
@@ -2446,7 +2446,7 @@
protocol = list_entry(protocol_handle,
struct efi_handler, link);
- (*protocol_buffer)[j] = (void *)protocol->guid;
+ (*protocol_buffer)[j] = (void *)&protocol->guid;
++j;
}
}
@@ -3094,7 +3094,7 @@
(efi_handle_t)image_obj)
continue;
r = EFI_CALL(efi_close_protocol
- (efiobj, protocol->guid,
+ (efiobj, &protocol->guid,
info->info.agent_handle,
info->info.controller_handle
));
diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
index 5df3593..9611398 100644
--- a/lib/efi_loader/efi_image_loader.c
+++ b/lib/efi_loader/efi_image_loader.c
@@ -91,7 +91,7 @@
list_for_each_entry(efiobj, &efi_obj_list, link) {
list_for_each_entry(handler, &efiobj->protocols, link) {
- if (!guidcmp(handler->guid, &efi_guid_loaded_image)) {
+ if (!guidcmp(&handler->guid, &efi_guid_loaded_image)) {
efi_print_image_info(
(struct efi_loaded_image_obj *)efiobj,
handler->protocol_interface, pc);