From 095e173a04e9f734da7857916c90d00ad7972373 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 1 Jun 2022 06:36:55 +0900 Subject: [PATCH] boot: use CMP() macro for safety --- src/boot/efi/efi-string.c | 14 ++++++++------ src/boot/efi/test-efi-string.c | 1 + 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/src/boot/efi/efi-string.c b/src/boot/efi/efi-string.c index 22367ed7385..4b405155a03 100644 --- a/src/boot/efi/efi-string.c +++ b/src/boot/efi/efi-string.c @@ -60,14 +60,13 @@ DEFINE_STRTOLOWER(char16_t, strtolower16); return CMP(s1, s2); \ \ while (n > 0) { \ - int c1 = *s1; \ - int c2 = *s2; \ + type c1 = *s1, c2 = *s2; \ if (tolower) { \ c1 = TOLOWER(c1); \ c2 = TOLOWER(c2); \ } \ if (!c1 || c1 != c2) \ - return c1 - c2; \ + return CMP(c1, c2); \ \ s1++; \ s2++; \ @@ -141,13 +140,16 @@ DEFINE_STRNDUP(char, xstrndup8, strnlen8); DEFINE_STRNDUP(char16_t, xstrndup16, strnlen16); int efi_memcmp(const void *p1, const void *p2, size_t n) { + const uint8_t *up1 = p1, *up2 = p2; + int r; + if (!p1 || !p2) return CMP(p1, p2); - const uint8_t *up1 = p1, *up2 = p2; while (n > 0) { - if (*up1 != *up2) - return *up1 - *up2; + r = CMP(*up1, *up2); + if (r != 0) + return r; up1++; up2++; diff --git a/src/boot/efi/test-efi-string.c b/src/boot/efi/test-efi-string.c index d5044d801c7..b688c6ae410 100644 --- a/src/boot/efi/test-efi-string.c +++ b/src/boot/efi/test-efi-string.c @@ -335,6 +335,7 @@ TEST(efi_memcmp) { assert_se(efi_memcmp("a", "A", 1) > 0); assert_se(efi_memcmp("abc", "ab", 2) == 0); assert_se(efi_memcmp("ab", "abc", 3) < 0); + assert_se(efi_memcmp("abc", "ab", 3) > 0); assert_se(efi_memcmp("ab\000bd", "ab\000bd", 6) == 0); assert_se(efi_memcmp("ab\000b\0", "ab\000bd", 6) < 0); } -- 2.47.3