tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-07-27 15:44:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg/PartitionDxe: Add check for underlying device block size

Browse Source 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=828

Within FindAnchorVolumeDescriptorPointer():

Add a check for the underlying device block size to ensure it is greater
than the size of an Anchor Volume Descriptor Pointer.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Paulo Alcantara <palcantara@suse.de>
Acked-by: Star Zeng <star.zeng@intel.com>
This commit is contained in:
Hao Wu 2017-12-15 11:22:16 +08:00
parent 4a723d3d7f
commit 4df8f5bfa2
1 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
MdeModulePkg/Universal/Disk/PartitionDxe/Udf.c
View File

@ -1,8 +1,17 @@
/** @file /** @file
Scan for an UDF file system on a formatted media. Scan for an UDF file system on a formatted media.
Caution: This file requires additional review when modified.
This driver will have external input - CD/DVD media.
This external input must be validated carefully to avoid security issue like
buffer overflow, integer overflow.
FindUdfFileSystem() routine will consume the media properties and do basic
validation.
Copyright (c) 2018 Qualcomm Datacenter Technologies, Inc. Copyright (c) 2018 Qualcomm Datacenter Technologies, Inc.
Copyright (C) 2014-2017 Paulo Alcantara <pcacjr@zytor.com> Copyright (C) 2014-2017 Paulo Alcantara <pcacjr@zytor.com>
Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available This program and the accompanying materials are licensed and made available
under the terms and conditions of the BSD License which accompanies this under the terms and conditions of the BSD License which accompanies this
@ -101,6 +110,20 @@ FindAnchorVolumeDescriptorPointer (
*LastRecordedBlock = EndLBA; *LastRecordedBlock = EndLBA;
AvdpsCount = 0; AvdpsCount = 0;
//
// Check if the block size of the underlying media can hold the data of an
// Anchor Volume Descriptor Pointer
//
if (BlockSize < sizeof (UDF_ANCHOR_VOLUME_DESCRIPTOR_POINTER)) {
DEBUG ((
DEBUG_ERROR,
"%a: Media block size 0x%x unable to hold an AVDP.\n",
__FUNCTION__,
BlockSize
));
return EFI_UNSUPPORTED;
}
// //
// Find AVDP at block 256 // Find AVDP at block 256
// //
@ -598,6 +621,12 @@ Out_Free:
/** /**
Find a supported UDF file system in block device. Find a supported UDF file system in block device.
@attention This is boundary function that may receive untrusted input.
@attention The input is from Partition.
The CD/DVD media is the external input, so this routine will do basic
validation for the media.
@param[in] BlockIo BlockIo interface. @param[in] BlockIo BlockIo interface.
@param[in] DiskIo DiskIo interface. @param[in] DiskIo DiskIo interface.
@param[out] StartingLBA UDF file system starting LBA. @param[out] StartingLBA UDF file system starting LBA.