In efi_sigstore_parse_siglist() sigdata is allocated. But instead of an
allocation matching the size of sigdata, tainted external data was used
to calculate the allocation size. This may lead to buffer overflows.

Correct the allocation.

When malloc() fails for sig_data->data, sig_data is leaked.

Free sig_data before jumping to the error path.

Heinrich Schuchardt (2):
  efi_loader: fix buffer overrun in efi_sigstore_parse_siglist
  efi_loader: fix memory lead in efi_sigstore_parse_siglist

 lib/efi_loader/efi_signature.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.53.0

Reply via email to