git: 5c2ae0a209f6 - main - libefivar: Add sanity check for FilePath device path

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Warner Losh <imp_at_FreeBSD.org>
Date: Tue, 25 Nov 2025 18:17:33 UTC
The branch main has been updated by imp:

URL: https://cgit.FreeBSD.org/src/commit/?id=5c2ae0a209f6964ebe2d3a4cc24987e3bd7f597d

commit 5c2ae0a209f6964ebe2d3a4cc24987e3bd7f597d
Author:     Jose Luis Duran <jlduran@FreeBSD.org>
AuthorDate: 2025-11-13 16:49:05 +0000
Commit:     Warner Losh <imp@FreeBSD.org>
CommitDate: 2025-11-25 18:17:24 +0000

    libefivar: Add sanity check for FilePath device path
    
    REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1497
    
    Current implementation of IsDevicePathValid() is not enough for type
    of MEDIA_FILEPATH_DP, which has NULL-terminated string in the device
    path. This patch add a simple NULL character check at Length position.
    
    Note that the link above no longer exists.  The commit message was kept
    verbatim.  An archived version of the bug report can be found at:
    https://web.archive.org/web/20240714191428/https://bugzilla.tianocore.org/show_bug.cgi?id=1497
    
    Add the const keyword to avoid errors/warnings about dropping a const
    qualifier.
    
    Obtained from:  https://github.com/tianocore/edk2/commit/2f7a96d6ec13b292d6f31295f3195913921173e1
    
    Reviewed by: imp
    Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
---
 lib/libefivar/uefi-dputil.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/lib/libefivar/uefi-dputil.c b/lib/libefivar/uefi-dputil.c
index 89e049884558..74609b47a448 100644
--- a/lib/libefivar/uefi-dputil.c
+++ b/lib/libefivar/uefi-dputil.c
@@ -37,7 +37,7 @@
 
 /*
  * Taken from MdePkg/Library/UefiDevicePathLib/DevicePathUtilities.c
- * hash fd02394228ee1dc2378cccfde6098c461f96dd42 2019-Jan-31
+ * hash 2f7a96d6ec13b292d6f31295f3195913921173e1 2019-Feb-21
  */
 
 /** @file
@@ -137,6 +137,15 @@ IsDevicePathValid (
         return FALSE;
       }
     }
+
+    //
+    // FilePath must be a NULL-terminated string.
+    //
+    if (DevicePathType (DevicePath) == MEDIA_DEVICE_PATH &&
+        DevicePathSubType (DevicePath) == MEDIA_FILEPATH_DP &&
+        *(const CHAR16 *)((const UINT8 *) DevicePath + NodeLength - 2) != 0) {
+      return FALSE;
+    }
   }
 
   //