Variable buffer sizes should not be hardcoded

[sippeangelo]

Right now the receiving buffers of GetFirmwareEnvironmentVariable are hardcoded in size. I wasn't able to find a way to know this before making the call, neither through the Windows API nor as a feature of the UEFI spec.

main.cpp:93-94

std::array<std::uint16_t, 32> buffer;
std::size_t size = GetFirmwareEnvironmentVariableW(L"BootOrder", EFI_GLOBAL_VARIABLE, buffer.data(), sizeof(std::uint16_t) * buffer.size());

This should theoretically be safe for boot orders greater than 32 entries, since the program will only upload those first 32 entries back into UEFI NVRAM, keeping anything following them intact.

main.cpp:113-119

char* buffer = new char[1024];
...
std::size_t size = GetFirmwareEnvironmentVariableW(widen(entry).c_str(), EFI_GLOBAL_VARIABLE, buffer, sizeof(char) * 1024);

This could potentially end badly if for some reason the boot entry description exceeds the 1024 byte buffer, since the description string is defined in the UEFI spec as running until the first null terminator.

[sippeangelo]

Maybe https://github.com/untermensch/WindSLIC/blob/6a0851b4f4951036c14ee4914425eafd810959f3/libinstaller/libinstaller.cpp#L223