Attention is currently required from: Nico Huber, Sergii Dmytruk.
Hello Nico Huber, build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/84541?usp=email
to look at the new patch set (#2).
The following approvals got outdated and were removed: Code-Review+2 by Nico Huber, Verified+1 by build bot (Jenkins)
The change is no longer submittable: Code-Review and Verified are unsatisfied now.
Change subject: drivers/efi/capsules.c: check for overflows of capsule sizes
......................................................................
drivers/efi/capsules.c: check for overflows of capsule sizes
As was pointed out in comments on CB:83422, the code lacks overflow checks:
 - when computing size of capsules in a single capsule block
 - when computing size of capsules in all capsule blocks
If an overflow is triggered, the code might allocate a capsule buffer smaller than the data that's going to be written to it, leading to overwriting memory after the buffer.
Change-Id: I43d17d77197fc2cbd721d47941101551603c352a
Signed-off-by: Sergii Dmytruk sergii.dmytruk@3mdeb.com
---
M src/drivers/efi/capsules.c
1 file changed, 20 insertions(+), 1 deletion(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/41/84541/2
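
The two overflow cases named in the commit message (summing sizes within one capsule block, and summing across all blocks) can be illustrated with the following added example. It is not the code from this change or from coreboot; the `capsule_block` structure, the function names and the sample lengths are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical, simplified capsule block (not coreboot's structure). */
struct capsule_block { const uint64_t *frag_len; size_t count; };
/* Constructed sample: fragment lengths whose true sum is 2^64 + 0x1000. */
const uint64_t frags[] = { UINT64_MAX - 0xFFF, 0x2000 };
const struct capsule_block wrap_block = { frags, 2 };
const struct capsule_block split_blocks[] = { { frags, 1 }, { frags + 1, 1 } };

/* Unchecked sum: wraps modulo 2^64, so an allocation sized from it is too small. */
uint64_t block_size_unchecked(const struct capsule_block *b)
{
	uint64_t total = 0;
	for (size_t i = 0; i < b->count; i++)
		total += b->frag_len[i];
	return total;
}

/* Checked add: reports overflow instead of wrapping. */
static bool add_u64(uint64_t a, uint64_t b, uint64_t *out)
{
	if (b > UINT64_MAX - a)
		return false;
	*out = a + b;
	return true;
}

/* Size of one block; false if the sum does not fit in 64 bits. */
bool block_size_checked(const struct capsule_block *b, uint64_t *out)
{
	uint64_t total = 0;
	for (size_t i = 0; i < b->count; i++)
		if (!add_u64(total, b->frag_len[i], &total))
			return false;
	*out = total;
	return true;
}

/* Size of all blocks; false if any block or the grand total overflows. */
bool total_size_checked(const struct capsule_block *blk, size_t n, uint64_t *out)
{
	uint64_t total = 0, one;
	for (size_t i = 0; i < n; i++)
		if (!block_size_checked(&blk[i], &one) || !add_u64(total, one, &total))
			return false;
	*out = total;
	return true;
}
```

With the constructed lengths, the unchecked sum reports 0x1000 bytes for data that is far larger, which is the undersized-buffer condition the commit message describes; the checked variants reject the input in both the single-block and the cross-block case.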