efi_loader: Fix relocations above 64kb image size

We were truncating the image offset within the target image to 16 bits
which again meant that we were potentially overwriting random memory
in the lower 16 bits of the image.

This patch casts the offset to a more reasonable 32bits.

With this applied, I can successfully see Shell.efi assert because it
can't find a protocol it expects to be available.

Signed-off-by: Alexander Graf <agraf@suse.de>

diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
index 574b204..5165377 100644 (file)
--- a/lib/efi_loader/efi_image_loader.c
+++ b/lib/efi_loader/efi_image_loader.c
@@ -37,7 +37,7 @@ static void efi_loader_relocate(const IMAGE_BASE_RELOCATION *rel,
                const uint16_t *relocs = (const uint16_t *)(rel + 1);
                i = (rel->SizeOfBlock - sizeof(*rel)) / sizeof(uint16_t);
                while (i--) {
-                       uint16_t offset = (*relocs & 0xfff) +
+                       uint32_t offset = (uint32_t)(*relocs & 0xfff) +
                                          rel->VirtualAddress;
                        int type = *relocs >> EFI_PAGE_SHIFT;
                        unsigned long delta = (unsigned long)efi_reloc;