efi: as extra paranoia NUL terminate UTF-16 strings with three NUL bytes

This is a safey net anyway, let's make it fully safe: if the data ends on an uneven byte, then we need to complete the UTF-16 codepoint first, before adding the final NUL byte pair. Hence let's suffix with three NULs, instead of just two.
2020-05-27 16:22:07 +02:00 · 2020-05-27 16:22:07 +02:00 · c75e7da0b5
parent 9e5230aad9
commit c75e7da0b5
1 changed files with 5 additions and 3 deletions
--- a/src/basic/efivars.c
+++ b/src/basic/efivars.c
@ -101,7 +101,8 @@ int efi_get_variable(
                                return -errno;
                        if (try >= EFI_N_RETRIES)
                                return -EBUSY;
-                        usleep(EFI_RETRY_DELAY);
+
+                        (void) usleep(EFI_RETRY_DELAY);
                }

                if (n != sizeof(a))
@ -109,7 +110,7 @@ int efi_get_variable(
        }

        if (ret_value) {
-                buf = malloc(st.st_size - 4 + 2);
+                buf = malloc(st.st_size - 4 + 3);
                if (!buf)
                        return -ENOMEM;

@ -118,9 +119,10 @@ int efi_get_variable(
                        return -errno;
                assert(n <= st.st_size - 4);

-                /* Always NUL terminate (2 bytes, to protect UTF-16) */
+                /* Always NUL terminate (3 bytes, to properly protect UTF-16, even if truncated in the middle of a character) */
                ((char*) buf)[n] = 0;
                ((char*) buf)[n + 1] = 0;
+                ((char*) buf)[n + 2] = 0;
        } else
                /* Assume that the reported size is accurate */
                n = st.st_size - 4;