The code currently computes the size of the MoK variable in ram and
rounds up to a full page, but then actually allocates the exact size,
rather than the rounded up version. This should be completely safe, but
the intent was to round up to at least the page size boundary, and to
always guarantee rounding up /some/, to ensure extra 0-bytes at the end
of the buffer.
Signed-off-by: Peter Jones <pjones@redhat.com>
* make sure we've got some zeroes at the end, just
* in case.
*/
- UINTN allocsz = FullDataSize + sizeof(EFI_SIGNATURE_LIST);
- allocsz = ALIGN_VALUE(allocsz, 4096);
- FullData = AllocateZeroPool(FullDataSize);
+ UINTN new, allocsz;
+
+ allocsz = FullDataSize + sizeof(EFI_SIGNATURE_LIST);
+ new = ALIGN_VALUE(allocsz, 4096);
+ allocsz = new == allocsz ? new + 4096 : new;
+ FullData = AllocateZeroPool(allocsz);
if (!FullData) {
perror(L"Failed to allocate %lu bytes for %s\n",
FullDataSize, v->name);