From nobody Sat Sep 07 01:48:02 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4X0wwM26nZz5WSZs; Sat, 07 Sep 2024 01:48:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4X0wwL6vmcz4k3K; Sat, 7 Sep 2024 01:48:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1725673683; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8mIVFlTY/Aub38UsF2dckIiBth5boDuv/05x1gbl8og=; b=PcbupAI4X3xAYgNKrzIJOOovydg6C3ma4m7PbviunueZJm6uFpxqxajh4F66j386QDJZJD 5G/tnJsbEx3a8Zz7h8gW1bSm+Iypa5U954tDhaD6ZScFPcAzcx/E513lpm5P9bxaDDST+d tPmXu3lCrK8c1KqFV7B5NjnxM/ACYiJCPqgoGa6B7pOg7y8silXYJ+eWRA+fuXYfxRn+8y OGMFWmzejAGG4A0zX24JT9oHv/CTkByKS2t0TTMBATMKTfn/kFymD2Kq4YOeULDyea/APC nc/GJ2fknaDqozb1mR8+y/405lCdnzFatlBpb6tqRO/OCtY0jx6+h+/Asi9vHg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725673683; a=rsa-sha256; cv=none; b=mPabs59gNZtCpiRdEOE+DmN8Ov82XBf9BQ9pIMbyHlqEa839aoia4C85wM3Gz3UUsWvnqH Ju3Tumy/66SP7WJo3rdG0UzBFvqqHIUusqkKLPFiq45HwkiKdTGLF5t0Clhae6VjM7sCgH jKi9V8NZ+RVHjlcBkEfllSEd/okWgdBg24s4RAO8ayvh558mHSBr/gp4kImHRJ9jzr2KC4 0DgpeiMqwXukWoAbylUWiTwaHhnp1xYrTsHi7odL1TZJFcP+qGSIRsFKESdmYioo1Phmjb HGv/WhtpUW9QUG6/XrDAFW0f1sXduYbuHAhuOxO73D7hKgeu0DD4ZDKSWVCsrA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1725673683; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8mIVFlTY/Aub38UsF2dckIiBth5boDuv/05x1gbl8og=; b=Ja5NZpSD1NSjk3qO5SklxtR/AxdPF1uA2Zh2JSkUKTodaG7OFTAqN6yPeIoIJVnDeYBYEo 8DwkdbwIzSAnV4519jI9uVK/jRar92XXSPpNjQ0cINd7NDlFlb/cGnXXxC9usMzbfaiAMJ t4X3HQSG0OOI3fY/P7rrW8OUes3K5O4ldPaITguUOOHbBbK/hiSxwkMWFXXqk0bu7K7TAo YfdBCmztwAQV4h7bcGnLyqDw+COsWX3VigAUbXl2dH5Yd+fH+P/2pEAjpTeon+FUvHFuzI 7I8g+DsHPdFM9MqMcrxj5QUiF2ZtBsn0xQDy9zLu8DouX5eSgKuUS/Fwb8dm8w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4X0wwL6SMDzGPc; Sat, 7 Sep 2024 01:48:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4871m2XA041875; Sat, 7 Sep 2024 01:48:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4871m29O041872; Sat, 7 Sep 2024 01:48:02 GMT (envelope-from git) Date: Sat, 7 Sep 2024 01:48:02 GMT Message-Id: <202409070148.4871m29O041872@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Jessica Clarke Subject: git: 17c0e73b1d60 - stable/14 - efibootmgr: Simplify make_next_boot_var_name and fix cnt == 0 case List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jrtc27 X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 17c0e73b1d60c4544fad4667c8d45d588fe664cf Auto-Submitted: auto-generated The branch stable/14 has been updated by jrtc27: URL: https://cgit.FreeBSD.org/src/commit/?id=17c0e73b1d60c4544fad4667c8d45d588fe664cf commit 17c0e73b1d60c4544fad4667c8d45d588fe664cf Author: Jessica Clarke AuthorDate: 2024-02-23 02:36:21 +0000 Commit: Jessica Clarke CommitDate: 2024-09-07 00:01:01 +0000 efibootmgr: Simplify make_next_boot_var_name and fix cnt == 0 case If cnt == 0 we access element 0 unconditionally, which is out of bounds, and then if that doesn't crash and happens to be 0 we will access element - 1, also out of bounds, and then if that doesn't crash will add 1 to whatever junk is there and use that for the variable. On CHERI, though, this does crash. This code is also overly complicated, with unnecessary special cases and tracking more state than needed. Rewrite it in a more general manner that doesn't need those special cases and naturally works for cnt == 0. Found by: CHERI Reviewed by: imp Fixes: 1285bcc833a3 ("Import Netflix's efibootmgr to help manage UEFI boot variables") MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D44029 (cherry picked from commit 09cb8031b43c8e98abb5ff9b43ff649031d1e808) --- usr.sbin/efibootmgr/efibootmgr.c | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/usr.sbin/efibootmgr/efibootmgr.c b/usr.sbin/efibootmgr/efibootmgr.c index dfe8bfb1c145..74b59863d6c5 100644 --- a/usr.sbin/efibootmgr/efibootmgr.c +++ b/usr.sbin/efibootmgr/efibootmgr.c @@ -555,7 +555,7 @@ static char * make_next_boot_var_name(void) { struct entry *v; - uint16_t *vals, next_free = 0; + uint16_t *vals; char *name; int cnt = 0; int i; @@ -573,21 +573,14 @@ make_next_boot_var_name(void) vals[i++] = v->idx; } qsort(vals, cnt, sizeof(uint16_t), compare); - /* if the hole is at the beginning, just return zero */ - if (vals[0] > 0) { - next_free = 0; - } else { - /* now just run the list looking for the first hole */ - for (i = 0; i < cnt - 1 && next_free == 0; i++) - if (vals[i] + 1 != vals[i + 1]) - next_free = vals[i] + 1; - if (next_free == 0) - next_free = vals[cnt - 1] + 1; - /* In theory we could have used all 65k slots -- what to do? */ - } + /* Find the first hole (could be at start or end) */ + for (i = 0; i < cnt; ++i) + if (vals[i] != i) + break; free(vals); + /* In theory we could have used all 65k slots -- what to do? */ - asprintf(&name, "%s%04X", "Boot", next_free); + asprintf(&name, "%s%04X", "Boot", i); if (name == NULL) err(1, "asprintf"); return name;