From aeaf0e6d58093102aa35921c7bc6fcb0580504bd Mon Sep 17 00:00:00 2001
From: Heinrich Schuchardt
Date: Mon, 28 Dec 2020 22:42:51 +0100
Subject: efi_loader: describe struct efi_loaded_image_obj

Add the missing description of some fields of struct efi_loaded_image_obj.

Signed-off-by: Heinrich Schuchardt
---
 include/efi_loader.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'include')

diff --git a/include/efi_loader.h b/include/efi_loader.h
index 3c68b85b68e..dc3c6ac3049 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -297,8 +297,10 @@ enum efi_image_auth_status {
 * @exit_status: exit status passed to Exit()
 * @exit_data_size: exit data size passed to Exit()
 * @exit_data: exit data passed to Exit()
- * @exit_jmp: long jump buffer for returning form started image
+ * @exit_jmp: long jump buffer for returning from started image
 * @entry: entry address of the relocated image
+ * @image_type: indicates if the image is an applicition or a driver
+ * @auth_status: indicates if the image is authenticated
 */
 struct efi_loaded_image_obj {
 struct efi_object header;
-- cgit v1.2.3
From be48b0f453a3903e924a4f1790f134b9b36e5fa8 Mon Sep 17 00:00:00 2001
From: Heinrich Schuchardt
Date: Mon, 28 Dec 2020 23:24:40 +0100
Subject: efi_loader: use after free in efi_exit()

Do not use data from the loaded image object after deleting it.

Fixes: 126a43f15b36 ("efi_loader: unload applications upon Exit()")
Signed-off-by: Heinrich Schuchardt
---
 include/efi_loader.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include')

diff --git a/include/efi_loader.h b/include/efi_loader.h
index dc3c6ac3049..0fc2255f3f0 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -304,10 +304,10 @@ enum efi_image_auth_status {
 */
 struct efi_loaded_image_obj {
 struct efi_object header;
- efi_status_t exit_status;
+ efi_status_t *exit_status;
 efi_uintn_t *exit_data_size;
 u16 **exit_data;
- struct jmp_buf_data exit_jmp;
+ struct jmp_buf_data *exit_jmp;
 EFIAPI efi_status_t (*entry)(efi_handle_t image_handle,
 struct efi_system_table *st);
 u16 image_type;
-- cgit v1.2.3
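Review bot: The kernel-doc block above `struct efi_loaded_image_obj` still describes `@exit_status` and `@exit_jmp` as if the object held the values, but this hunk turns both members into pointers to storage outside the object, presumably so the exit path can still reach them after the object is deleted. I would make ownership and lifetime explicit in the two entries, e.g. `@exit_status: pointer to the exit status storage; not owned by this object` and `@exit_jmp: pointer to the long jump buffer for returning from started image; not owned by this object`. Since the members can now be NULL before an image is started, or stale afterwards, the comment should also say when they are valid, and each dereference should be checked against that. Those call sites are in the .c files, which this view (limited to 'include') does not show, so that part needs confirming there. The struct body continues past the end of the hunk.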