author | Matt Fleming <matt.fleming@intel.com> | 2013-01-31 19:02:03 +0000 |
---|---|---|
committer | Matt Fleming <matt.fleming@intel.com> | 2013-02-12 12:41:49 +0000 |
commit | 47f531e8ba3bc3901a0c493f4252826c41dea1a1 (patch) | |
tree | 5afbfc2451eb003cda695d4377077862ac932267 /lib/notifier-error-inject.c | |
parent | 94a193fb7393a50625abd9ca21f8afea275a9f87 (diff) |
efivarfs: Validate filenames much more aggressively

The only thing that efivarfs does to enforce a valid filename is
ensure that the name isn't too short. We need to strongly sanitise any
filenames, not least because variable creation is delayed until
efivarfs_file_write(), which means we can't rely on the firmware to
inform us of an invalid name, because if the file is never written to
we'll never know it's invalid.

Perform a couple of steps before agreeing to create a new file,

* hex_to_bin() returns a value indicating whether or not it was able
  to convert its arguments to a binary representation - we should
  check it.
* Ensure that the GUID portion of the filename is the correct length
  and format.
* The variable name portion of the filename needs to be at least one
  character in size.

Reported-by: Lingzhu Xiang <lxiang@redhat.com>
Cc: Matthew Garrett <mjg59@srcf.ucam.org>
Cc: Jeremy Kerr <jeremy.kerr@canonical.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Diffstat (limited to 'lib/notifier-error-inject.c')
0 files changed, 0 insertions, 0 deletions
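
The three checks listed in the commit message, as an added user-space example (not the kernel patch, whose diff is not shown on this page). `valid_efivar_filename()` and `hex_digit()` are hypothetical names, `hex_digit()` stands in for the kernel's `hex_to_bin()`, the `<VariableName>-<GUID>` layout with a 36-character GUID is an assumption, and the sample names are constructed.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define GUID_LEN 36 /* assumed text form: 8-4-4-4-12 hex digits */

/* Stand-in for the kernel's hex_to_bin(): 0..15, or -1 if c is not hex. */
static int hex_digit(char c)
{
    if (c >= '0' && c <= '9')
        return c - '0';
    c = (char)tolower((unsigned char)c);
    if (c >= 'a' && c <= 'f')
        return c - 'a' + 10;
    return -1;
}

/* Hypothetical helper: accept only "<VariableName>-<GUID>". */
bool valid_efivar_filename(const char *name)
{
    size_t len = strlen(name);
    const char *guid;

    /* At least one name character, the '-' separator, then the GUID. */
    if (len < 1 + 1 + GUID_LEN)
        return false;
    guid = name + len - GUID_LEN;
    if (guid[-1] != '-')
        return false;

    for (int i = 0; i < GUID_LEN; i++) {
        if (i == 8 || i == 13 || i == 18 || i == 23) {
            if (guid[i] != '-')       /* GUID field separators */
                return false;
        } else if (hex_digit(guid[i]) < 0) {
            return false;             /* conversion failure is checked */
        }
    }
    return true;
}

int main(void)
{
    /* Constructed sample names. */
    puts(valid_efivar_filename("Boot0000-8be4df61-93ca-11d2-aa0d-00e098032b8c") ? "ok" : "rejected");
    puts(valid_efivar_filename("-8be4df61-93ca-11d2-aa0d-00e098032b8c") ? "ok" : "rejected");
    return 0;
}
```

Because the GUID is located by counting back from the end of the string, a variable name that itself contains `-` is still accepted, while a GUID with a missing separator shifts the expected `-` off position and is rejected.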