efi_loader: avoid buffer overrun in efi_var_mem_compare

We should not scan beyond the end of string name.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>

diff --git a/lib/efi_loader/efi_var_mem.c b/lib/efi_loader/efi_var_mem.c
index e1058e3c6aafd14e6e7a7daddcaff67aed02701c..d6b65aed12ea1001a1fe0840fa75978a0acac859 100644 (file)
--- a/lib/efi_loader/efi_var_mem.c
+++ b/lib/efi_loader/efi_var_mem.c
@@ -41,11 +41,13 @@ efi_var_mem_compare(struct efi_var_entry *var, const efi_guid_t *guid,
             i < sizeof(efi_guid_t) && match; ++i)
                match = (guid1[i] == guid2[i]);
 
-       for (data = var->name, var_name = name;; ++data, ++var_name) {
+       for (data = var->name, var_name = name;; ++data) {
                if (match)
                        match = (*data == *var_name);
                if (!*data)
                        break;
+               if (*var_name)
+                       ++var_name;
        }
 
        ++data;