Fixes from PR

- Update system table crc32 - Fix unsound use of Box - Free exit data Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
rust-lang · Mar 31, 2024 · 71c6296 · 71c6296
1 parent b7b6bce
commit 71c6296
Showing 1 changed file with 54 additions and 18 deletions.
diff --git a/library/std/src/sys/pal/uefi/process.rs b/library/std/src/sys/pal/uefi/process.rs
@@ -382,36 +382,43 @@ mod uefi_command_internal {
 
                 let loaded_image: NonNull<loaded_image::Protocol> =
                     helpers::open_protocol(child_handle, loaded_image::PROTOCOL_GUID).unwrap();
-                let mut st: Box<r_efi::efi::SystemTable> =
+                let st: Box<r_efi::efi::SystemTable> =
                     Box::new(unsafe { crate::ptr::read((*loaded_image.as_ptr()).system_table) });
 
-                unsafe {
-                    (*loaded_image.as_ptr()).system_table = st.as_mut();
-                }
-
                 Ok(Self::new(child_handle, st))
             }
         }
 
-        pub fn start_image(&self) -> io::Result<r_efi::efi::Status> {
+        pub fn start_image(&mut self) -> io::Result<r_efi::efi::Status> {
+            self.update_st_crc32()?;
+
+            // Use our system table instead of the default one
+            let loaded_image: NonNull<loaded_image::Protocol> =
+                helpers::open_protocol(self.handle, loaded_image::PROTOCOL_GUID).unwrap();
+            unsafe {
+                (*loaded_image.as_ptr()).system_table = self.st.as_mut();
+            }
+
             let boot_services: NonNull<r_efi::efi::BootServices> = boot_services()
                 .ok_or_else(|| const_io_error!(io::ErrorKind::NotFound, "Boot Services not found"))?
                 .cast();
-            let mut exit_data_size: MaybeUninit<usize> = MaybeUninit::uninit();
+            let mut exit_data_size: usize = 0;
             let mut exit_data: MaybeUninit<*mut u16> = MaybeUninit::uninit();
 
             let r = unsafe {
                 ((*boot_services.as_ptr()).start_image)(
                     self.handle.as_ptr(),
-                    exit_data_size.as_mut_ptr(),
+                    &mut exit_data_size,
                     exit_data.as_mut_ptr(),
                 )
             };
 
             // Drop exitdata
-            unsafe {
-                exit_data_size.assume_init_drop();
-                exit_data.assume_init_drop();
+            if exit_data_size != 0 {
+                unsafe {
+                    let exit_data = exit_data.assume_init();
+                    ((*boot_services.as_ptr()).free_pool)(exit_data as *mut crate::ffi::c_void);
+                }
             }
 
             Ok(r)
@@ -476,6 +483,30 @@ mod uefi_command_internal {
 
             self.args = Some(args);
         }
+
+        fn update_st_crc32(&mut self) -> io::Result<()> {
+            let bt: NonNull<r_efi::efi::BootServices> = boot_services().unwrap().cast();
+            let st_size = self.st.hdr.header_size as usize;
+            let mut crc32: u32 = 0;
+
+            // Set crc to 0 before calcuation
+            self.st.hdr.crc32 = 0;
+
+            let r = unsafe {
+                ((*bt.as_ptr()).calculate_crc32)(
+                    self.st.as_mut() as *mut r_efi::efi::SystemTable as *mut crate::ffi::c_void,
+                    st_size,
+                    &mut crc32,
+                )
+            };
+
+            if r.is_error() {
+                Err(io::Error::from_raw_os_error(r.as_usize()))
+            } else {
+                self.st.hdr.crc32 = crc32;
+                Ok(())
+            }
+        }
     }
 
     impl Drop for Command {
@@ -501,13 +532,12 @@ mod uefi_command_internal {
         set_cursor_position: simple_text_output::ProtocolSetCursorPosition,
         enable_cursor: simple_text_output::ProtocolEnableCursor,
         mode: *mut simple_text_output::Mode,
-        _mode: Box<simple_text_output::Mode>,
         _buffer: Vec<u16>,
     }
 
     impl PipeProtocol {
         pub fn new() -> Self {
-            let mut mode = Box::new(simple_text_output::Mode {
+            let mode = Box::new(simple_text_output::Mode {
                 max_mode: 0,
                 mode: 0,
                 attribute: 0,
@@ -525,14 +555,13 @@ mod uefi_command_internal {
                 clear_screen: Self::clear_screen,
                 set_cursor_position: Self::set_cursor_position,
                 enable_cursor: Self::enable_cursor,
-                mode: mode.as_mut(),
-                _mode: mode,
+                mode: Box::into_raw(mode),
                 _buffer: Vec::new(),
             }
         }
 
         pub fn null() -> Self {
-            let mut mode = Box::new(simple_text_output::Mode {
+            let mode = Box::new(simple_text_output::Mode {
                 max_mode: 0,
                 mode: 0,
                 attribute: 0,
@@ -550,8 +579,7 @@ mod uefi_command_internal {
                 clear_screen: Self::clear_screen,
                 set_cursor_position: Self::set_cursor_position,
                 enable_cursor: Self::enable_cursor,
-                mode: mode.as_mut(),
-                _mode: mode,
+                mode: Box::into_raw(mode),
                 _buffer: Vec::new(),
             }
         }
@@ -660,4 +688,12 @@ mod uefi_command_internal {
             r_efi::efi::Status::UNSUPPORTED
         }
     }
+
+    impl Drop for PipeProtocol {
+        fn drop(&mut self) {
+            unsafe {
+                let _ = Box::from_raw(self.mode);
+            }
+        }
+    }
 }