tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

BaseTools/GenFv: Add checks for user/file inputs 

Cc: Liming Gao <liming.gao@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
This commit is contained in:
Hao Wu 2016-10-11 11:13:41 +08:00
parent 47affb48e9
commit 6f30cefd79
2 changed files with 59 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
BaseTools/Source/C/GenFv/GenFv.c
View File

@ -4,7 +4,7 @@
can be found in the Tiano Firmware Volume Generation Utility can be found in the Tiano Firmware Volume Generation Utility
Specification, review draft. Specification, review draft.
Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.<BR> Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -337,7 +337,12 @@ Returns:
Error (NULL, 0, 1003, "Invalid option value", "Input Ffsfile can't be null"); Error (NULL, 0, 1003, "Invalid option value", "Input Ffsfile can't be null");
return STATUS_ERROR; return STATUS_ERROR;
} }
strcpy (mFvDataInfo.FvFiles[Index], argv[1]); if (strlen (argv[1]) > MAX_LONG_FILE_PATH - 1) {
Error (NULL, 0, 1003, "Invalid option value", "Input Ffsfile name %s is too long!", argv[1]);
return STATUS_ERROR;
}
strncpy (mFvDataInfo.FvFiles[Index], argv[1], MAX_LONG_FILE_PATH - 1);
mFvDataInfo.FvFiles[Index][MAX_LONG_FILE_PATH - 1] = 0;
DebugMsg (NULL, 0, 9, "FV component file", "the %uth name is %s", (unsigned) Index + 1, argv[1]); DebugMsg (NULL, 0, 9, "FV component file", "the %uth name is %s", (unsigned) Index + 1, argv[1]);
argc -= 2; argc -= 2;
argv += 2; argv += 2;

55
BaseTools/Source/C/GenFv/GenFvInternalLib.c
View File

@ -374,7 +374,7 @@ Returns:
} }
} }
for (Index = 0; Index < MAX_NUMBER_OF_FILES_IN_FV; Index++) { for (Index = 0; Number + Index < MAX_NUMBER_OF_FILES_IN_FV; Index++) {
// //
// Read the FFS file list // Read the FFS file list
// //
@ -2418,17 +2418,19 @@ Returns:
UINT8 *FvImage; UINT8 *FvImage;
UINTN FvImageSize; UINTN FvImageSize;
FILE *FvFile; FILE *FvFile;
CHAR8 FvMapName [MAX_LONG_FILE_PATH]; CHAR8 *FvMapName;
FILE *FvMapFile; FILE *FvMapFile;
EFI_FIRMWARE_VOLUME_EXT_HEADER *FvExtHeader; EFI_FIRMWARE_VOLUME_EXT_HEADER *FvExtHeader;
FILE *FvExtHeaderFile; FILE *FvExtHeaderFile;
UINTN FileSize; UINTN FileSize;
CHAR8 FvReportName[MAX_LONG_FILE_PATH]; CHAR8 *FvReportName;
FILE *FvReportFile; FILE *FvReportFile;
FvBufferHeader = NULL; FvBufferHeader = NULL;
FvFile = NULL; FvFile = NULL;
FvMapName = NULL;
FvMapFile = NULL; FvMapFile = NULL;
FvReportName = NULL;
FvReportFile = NULL; FvReportFile = NULL;
if (InfFileImage != NULL) { if (InfFileImage != NULL) {
@ -2566,8 +2568,34 @@ Returns:
// FvMap file to log the function address of all modules in one Fvimage // FvMap file to log the function address of all modules in one Fvimage
// //
if (MapFileName != NULL) { if (MapFileName != NULL) {
if (strlen (MapFileName) > MAX_LONG_FILE_PATH - 1) {
Error (NULL, 0, 1003, "Invalid option value", "MapFileName %s is too long!", MapFileName);
Status = EFI_ABORTED;
goto Finish;
}
FvMapName = malloc (strlen (MapFileName) + 1);
if (FvMapName == NULL) {
Error (NULL, 0, 4001, "Resource", "memory cannot be allocated!");
Status = EFI_OUT_OF_RESOURCES;
goto Finish;
}
strcpy (FvMapName, MapFileName); strcpy (FvMapName, MapFileName);
} else { } else {
if (strlen (FvFileName) + strlen (".map") > MAX_LONG_FILE_PATH - 1) {
Error (NULL, 0, 1003, "Invalid option value", "FvFileName %s is too long!", FvFileName);
Status = EFI_ABORTED;
goto Finish;
}
FvMapName = malloc (strlen (FvFileName) + strlen (".map") + 1);
if (FvMapName == NULL) {
Error (NULL, 0, 4001, "Resource", "memory cannot be allocated!");
Status = EFI_OUT_OF_RESOURCES;
goto Finish;
}
strcpy (FvMapName, FvFileName); strcpy (FvMapName, FvFileName);
strcat (FvMapName, ".map"); strcat (FvMapName, ".map");
} }
@ -2576,6 +2604,19 @@ Returns:
// //
// FvReport file to log the FV information in one Fvimage // FvReport file to log the FV information in one Fvimage
// //
if (strlen (FvFileName) + strlen (".txt") > MAX_LONG_FILE_PATH - 1) {
Error (NULL, 0, 1003, "Invalid option value", "FvFileName %s is too long!", FvFileName);
Status = EFI_ABORTED;
goto Finish;
}
FvReportName = malloc (strlen (FvFileName) + strlen (".txt") + 1);
if (FvReportName == NULL) {
Error (NULL, 0, 4001, "Resource", "memory cannot be allocated!");
Status = EFI_OUT_OF_RESOURCES;
goto Finish;
}
strcpy (FvReportName, FvFileName); strcpy (FvReportName, FvFileName);
strcat (FvReportName, ".txt"); strcat (FvReportName, ".txt");
@ -2852,6 +2893,14 @@ Finish:
if (FvExtHeader != NULL) { if (FvExtHeader != NULL) {
free (FvExtHeader); free (FvExtHeader);
} }
if (FvMapName != NULL) {
free (FvMapName);
}
if (FvReportName != NULL) {
free (FvReportName);
}
if (FvFile != NULL) { if (FvFile != NULL) {
fflush (FvFile); fflush (FvFile);