efi: Handle NULL return value when getting loaded image protocol

The EFI spec mandates that the handle produced by the LoadImage boot service has a LoadedImage protocol instance installed on it, but for robustness, we should still deal with a NULL return value from the helper routine that obtains this protocol pointer. If this happens, don't try to start the image but unload it and return an error. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2023-05-24 19:29:09 +02:00 · 2023-05-24 19:29:09 +02:00 · f00ddc6834
commit f00ddc6834
parent cfbfae1aef
1 changed files with 8 additions and 1 deletions
--- a/grub-core/loader/efi/linux.c
+++ b/grub-core/loader/efi/linux.c
@ -214,6 +214,11 @@ grub_arch_efi_linux_boot_image (grub_addr_t addr, grub_size_t size, char *args)

  /* Convert command line to UCS-2 */
  loaded_image = grub_efi_get_loaded_image (image_handle);
+  if (loaded_image == NULL)
+    {
+      grub_error (GRUB_ERR_BAD_FIRMWARE, "missing loaded_image proto");
+      goto unload;
+    }
  loaded_image->load_options_size = len =
    (grub_strlen (args) + 1) * sizeof (grub_efi_char16_t);
  loaded_image->load_options =
@ -229,9 +234,11 @@ grub_arch_efi_linux_boot_image (grub_addr_t addr, grub_size_t size, char *args)
  status = b->start_image (image_handle, 0, NULL);

  /* When successful, not reached */
-  b->unload_image (image_handle);
+  grub_error (GRUB_ERR_BAD_OS, "start_image() returned %" PRIuGRUB_EFI_UINTN_T, status);
  grub_efi_free_pages ((grub_addr_t) loaded_image->load_options,
 		       GRUB_EFI_BYTES_TO_PAGES (loaded_image->load_options_size));
+unload:
+  b->unload_image (image_handle);

  return grub_errno;
 }