Date: Sat, 21 Feb 2026 15:29:25 +0000
From: Toomas Soome <tsoome@FreeBSD.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject: git: 23605a8e5124 - main - loader.efi: efi_redirect_exceptions does use uninitialized pointer
Message-ID: <6999cf55.25502.73c8df56@gitrepo.freebsd.org>

The branch main has been updated by tsoome:

URL: https://cgit.FreeBSD.org/src/commit/?id=23605a8e5124dcbd27aa3a8bfbca20ee2b179361

commit 23605a8e5124dcbd27aa3a8bfbca20ee2b179361
Author: Toomas Soome <tsoome@FreeBSD.org>
AuthorDate: 2026-02-21 15:27:35 +0000
Commit: Toomas Soome <tsoome@FreeBSD.org>
CommitDate: 2026-02-21 15:27:35 +0000

loader.efi: efi_redirect_exceptions does use uninitialized pointer

loader_idt.rd_base is not set when we are attempting to bcopy(), resulting to data stored to page 0 and therefore corrupting it.

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D55180

--- stand/efi/loader/arch/amd64/trap.c | 1 + 1 file changed, 1 insertion(+) diff --git a/stand/efi/loader/arch/amd64/trap.c b/stand/efi/loader/arch/amd64/trap.c index ffd84db40a3a..3fe86f7b1924 100644 --- a/stand/efi/loader/arch/amd64/trap.c +++ b/stand/efi/loader/arch/amd64/trap.c @@ -266,6 +266,7 @@ efi_redirect_exceptions(void) return (0); } loader_idt.rd_limit = fw_idt.rd_limit; + loader_idt.rd_base = lidt_pa; bcopy((void *)fw_idt.rd_base, (void *)loader_idt.rd_base, loader_idt.rd_limit); bzero(ist_use_table, sizeof(ist_use_table));
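
Review bot: In the bcopy() call that follows the added line, the length is loader_idt.rd_limit, but a descriptor-table limit on amd64 is the table size in bytes minus one, so the copy stops one byte short of the firmware IDT; loader_idt.rd_limit + 1 would copy the whole table. Separately, a short comment at the added assignment saying that rd_base must be set to lidt_pa before the copy would help keep a later reorder from sending the copy back to page 0, which is the failure the commit message describes.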
