From 06da7daab1eb129a1bf3eb93ed74c102d1587071 Mon Sep 17 00:00:00 2001 From: Michael Kubacki Date: Thu, 3 Oct 2024 00:02:55 -0400 Subject: [PATCH] FmpDevicePkg/FmpDependencyLib: Fix potential overflow in loop FmpVersionsCount is a UINTN while the loop index variable compared against it is a UINT8. This can lead to an overflow of the loop index for FmpVersionsCount values larger than UINT8_MAX. This change makes Index a UINTN to match in width. Signed-off-by: Michael Kubacki --- FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.c b/FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.c index 50662e74e065..11ee83d3ea8a 100644 --- a/FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.c +++ b/FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.c @@ -228,7 +228,7 @@ EvaluateDependency ( { EFI_STATUS Status; UINT8 *Iterator; - UINT8 Index; + UINTN Index; DEPEX_ELEMENT Element1; DEPEX_ELEMENT Element2; GUID ImageTypeId;
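Review bot: In the declaration block of EvaluateDependency, the change from `UINT8 Index;` to `UINTN Index;` affects every use of Index in the function, but only the declaration is visible in this hunk. Please confirm that no other use depends on the narrower type, for example a DEBUG format string, an assignment into a UINT8 field, or a call that takes a UINT8 argument. Any such use would now need a matching format specifier or an explicit cast. The commit message describes the problem as an "overflow of the loop index"; it would help to state the observable consequence as well. As described, a UINT8 index wraps back to 0 before it can reach an FmpVersionsCount larger than UINT8_MAX. The message should also say whether callers bound FmpVersionsCount, so readers can judge whether the case is reachable.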