Enhance the checks on some fields in the PE image before using them.

Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Jiewen Yao<jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13665 6f19259b-4bc3-4df7-8a09-765794883524
ydong10 2012-08-22 08:04:53 +00:00
parent cc65822475
commit 60893cc3a8
1 changed files with 15 additions and 0 deletions


@ -1435,6 +1435,12 @@ PeCoffLoaderLoadImage (
for (Index = 0; Index < ResourceDirectory->NumberOfNamedEntries; Index++) { for (Index = 0; Index < ResourceDirectory->NumberOfNamedEntries; Index++) {
if (ResourceDirectoryEntry->u1.s.NameIsString) { if (ResourceDirectoryEntry->u1.s.NameIsString) {
//
// Check the ResourceDirectoryEntry->u1.s.NameOffset before use it.
//
if (ResourceDirectoryEntry->u1.s.NameOffset >= DirectoryEntry->Size) {
continue;
}
ResourceDirectoryString = (EFI_IMAGE_RESOURCE_DIRECTORY_STRING *) (Base + ResourceDirectoryEntry->u1.s.NameOffset); ResourceDirectoryString = (EFI_IMAGE_RESOURCE_DIRECTORY_STRING *) (Base + ResourceDirectoryEntry->u1.s.NameOffset);
String = &ResourceDirectoryString->String[0]; String = &ResourceDirectoryString->String[0];
@ -1610,6 +1616,15 @@ PeCoffLoaderRelocateImageForRuntime (
// //
FixupData = RelocationData; FixupData = RelocationData;
while (RelocBase < RelocBaseEnd) { while (RelocBase < RelocBaseEnd) {
//
// Add check for RelocBase->SizeOfBlock field.
//
if ((RelocBase->SizeOfBlock == 0) || (RelocBase->SizeOfBlock > RelocDir->Size)) {
//
// Data invalid, cannot continue to relocate the image, just return.
//
return;
}
Reloc = (UINT16 *) ((UINT8 *) RelocBase + sizeof (EFI_IMAGE_BASE_RELOCATION)); Reloc = (UINT16 *) ((UINT8 *) RelocBase + sizeof (EFI_IMAGE_BASE_RELOCATION));
RelocEnd = (UINT16 *) ((UINT8 *) RelocBase + RelocBase->SizeOfBlock); RelocEnd = (UINT16 *) ((UINT8 *) RelocBase + RelocBase->SizeOfBlock);
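Review bot: The new guard in PeCoffLoaderRelocateImageForRuntime compares `RelocBase->SizeOfBlock` with the whole `RelocDir->Size` rather than with the bytes left between `RelocBase` and `RelocBaseEnd`, so for any block after the first, `RelocEnd` on the following line can still point past the relocation directory. It also accepts a non-zero `SizeOfBlock` smaller than `sizeof (EFI_IMAGE_BASE_RELOCATION)`, which puts `RelocEnd` before `Reloc`. I would tighten the condition to `if ((RelocBase->SizeOfBlock < sizeof (EFI_IMAGE_BASE_RELOCATION)) || (RelocBase->SizeOfBlock > (UINTN) ((UINT8 *) RelocBaseEnd - (UINT8 *) RelocBase))) {`, adjusting by one if `RelocBaseEnd` is set to the last byte rather than one past it, since its assignment is outside the hunk. The `NameOffset >= DirectoryEntry->Size` check in the PeCoffLoaderLoadImage hunk has the same shape: it bounds only the start of the `EFI_IMAGE_RESOURCE_DIRECTORY_STRING`, not the structure and string data that the next two lines point into. Both function bodies continue outside the hunks shown.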