:: commit f1814a42d9c8e4f70b943dfb2b11ffd7cc957218
protos/efi_boot_entry: Validate boot variable size before accessing description
diff --git a/common/protos/efi_boot_entry.c b/common/protos/efi_boot_entry.c
index 96bae6a8..2ff306b8 100644
--- a/common/protos/efi_boot_entry.c
+++ b/common/protos/efi_boot_entry.c
@@ -63,6 +63,10 @@ static bool find_boot_entry(CHAR16 *entry, uint16_t *out) {
continue;
}
/* Get the description */
+ if (buf_size < sizeof(uint32_t) + sizeof(uint16_t) + sizeof(CHAR16)) {
+ pmm_free(buf, buf_size);
+ continue;
+ }
CHAR16 *desc = (CHAR16 *)(buf + sizeof(uint32_t) + sizeof(uint16_t));
if (uefi_string_matches(desc, entry)) {
*out = boot_order[i];
