From: Zbigniew Jędrzejewski-Szmek Date: Fri, 8 Mar 2019 13:16:40 +0000 (+0100) Subject: boot: avoid 32-bit calculation for a 64-bit lvalue X-Git-Tag: v242-rc1~154^2~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7a2cb0228c2f1b7d95f6be7a751d1074d03e9cb5;p=thirdparty%2Fsystemd.git boot: avoid 32-bit calculation for a 64-bit lvalue Coverity CID#1399116: > Potentially overflowing expression > gpt_header_buffer.gpt_header.SizeOfPartitionEntry * gpt_header_buffer.gpt_header.NumberOfPartitionEntries > with type unsigned int (32 bits, unsigned) is evaluated using 32-bit > arithmetic, and then used in a context that expects an expression of type > UINTN (64 bits, unsigned). Let's import the ALIGN_TO macro to sd-boot and use it to avoid the issue. --- diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c index ca9ce671d18..7b3e7824546 100644 --- a/src/boot/efi/boot.c +++ b/src/boot/efi/boot.c @@ -2080,8 +2080,11 @@ static VOID config_load_xbootldr( h->NumberOfPartitionEntries > 1024) continue; + if (h->SizeOfPartitionEntry > UINTN_MAX / h->NumberOfPartitionEntries) /* overflow check */ + continue; + /* Now load the GPT entry table */ - sz = ((h->SizeOfPartitionEntry * h->NumberOfPartitionEntries + 511) / 512) * 512; + sz = ALIGN_TO((UINTN) h->SizeOfPartitionEntry * (UINTN) h->NumberOfPartitionEntries, 512); entries = AllocatePool(sz); r = uefi_call_wrapper(block_io->ReadBlocks, 5, diff --git a/src/boot/efi/util.h b/src/boot/efi/util.h index 8c5e35ad251..cef127f4005 100644 --- a/src/boot/efi/util.h +++ b/src/boot/efi/util.h @@ -7,6 +7,10 @@ #define ELEMENTSOF(x) (sizeof(x)/sizeof((x)[0])) #define OFFSETOF(x,y) __builtin_offsetof(x,y) +static inline UINTN ALIGN_TO(UINTN l, UINTN ali) { + return ((l + ali - 1) & ~(ali - 1)); +} + static inline const CHAR16 *yes_no(BOOLEAN b) { return b ? L"yes" : L"no"; }