efi_loader: overflow in efi_allocate_pages

On 32bit systems (pages << EFI_PAGE_SHIFT) may lead to an overflow which
does not occur in 64bit arithmetics.

An overflow of (pages << EFI_PAGE_SHIFT) on 64bit systems should be treated
as an error.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>

1 files changed, 6 insertions, 1 deletions

diff --git a/lib/efi_loader/efi_memory.c b/lib/efi_loader/efi_memory.c
index 2c5d5221a7..4630387af0 100644
--- a/lib/efi_loader/efi_memory.c
+++ b/lib/efi_loader/efi_memory.c
@@ -489,7 +489,7 @@ efi_status_t efi_allocate_pages(enum efi_allocate_type type,
 				enum efi_memory_type memory_type,
 				efi_uintn_t pages, uint64_t *memory)
 {
-	u64 len = pages << EFI_PAGE_SHIFT;
+	u64 len;
 	efi_status_t ret;
 	uint64_t addr;
 
@@ -499,6 +499,11 @@ efi_status_t efi_allocate_pages(enum efi_allocate_type type,
 		return EFI_INVALID_PARAMETER;
 	if (!memory)
 		return EFI_INVALID_PARAMETER;
+	len = (u64)pages << EFI_PAGE_SHIFT;
+	/* Catch possible overflow on 64bit systems */
+	if (sizeof(efi_uintn_t) == sizeof(u64) &&
+	    (len >> EFI_PAGE_SHIFT) != (u64)pages)
+		return EFI_OUT_OF_RESOURCES;
 
 	switch (type) {
 	case EFI_ALLOCATE_ANY_PAGES: