efi_loader: use after free in efi_exit()

Do not use data from the loaded image object after deleting it. Fixes: 126a43f15b36 ("efi_loader: unload applications upon Exit()") Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
author: Heinrich Schuchardt <xypron.glpk@gmx.de> 2020-12-29 01:24:40 +0300
committer: Heinrich Schuchardt <xypron.glpk@gmx.de> 2020-12-31 16:33:07 +0300
commit: f8212f09702f802ffab42769133e3114bd6e5e77 (patch)
tree: 2ab92da9a641ed1e80ac524aba083faac7baac82 /include/efi_loader.h
parent: 0ce3fb55e0be286f1f7686aeb452ee77100a2493 (diff)
download: u-boot-f8212f09702f802ffab42769133e3114bd6e5e77.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/include/efi_loader.h b/include/efi_loader.h
index 280225a7c1..62a6c3de5a 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -311,10 +311,10 @@ enum efi_image_auth_status {
  */
 struct efi_loaded_image_obj {
 	struct efi_object header;
-	efi_status_t exit_status;
+	efi_status_t *exit_status;
 	efi_uintn_t *exit_data_size;
 	u16 **exit_data;
-	struct jmp_buf_data exit_jmp;
+	struct jmp_buf_data *exit_jmp;
 	EFIAPI efi_status_t (*entry)(efi_handle_t image_handle,
 				     struct efi_system_table *st);
 	u16 image_type;
author	Heinrich Schuchardt <xypron.glpk@gmx.de>	2020-12-29 01:24:40 +0300
committer	Heinrich Schuchardt <xypron.glpk@gmx.de>	2020-12-31 16:33:07 +0300
commit	f8212f09702f802ffab42769133e3114bd6e5e77 (patch)
tree	2ab92da9a641ed1e80ac524aba083faac7baac82 /include/efi_loader.h
parent	0ce3fb55e0be286f1f7686aeb452ee77100a2493 (diff)
download	u-boot-f8212f09702f802ffab42769133e3114bd6e5e77.tar.xz