From 72ccedbd766df910988c0d044b26f296f344bc92 Mon Sep 17 00:00:00 2001
From: ydong10
Date: Wed, 28 Nov 2012 03:26:58 +0000
Subject: [PATCH] Enhance the check for RelocBase->SizeOfBlock before use it.
Signed-off-by: Dong Eric
Reviewed-by: Ye Ting
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13973 6f19259b-4bc3-4df7-8a09-765794883524
---
 MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
index 6f056e519e..ffff0c14aa 100644
--- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
+++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
@@ -984,17 +984,16 @@ PeCoffLoaderRelocateImage (
 while (RelocBase < RelocBaseEnd) {
 Reloc = (UINT16 *) ((CHAR8 *) RelocBase + sizeof (EFI_IMAGE_BASE_RELOCATION));
- RelocEnd = (UINT16 *) ((CHAR8 *) RelocBase + RelocBase->SizeOfBlock);
-
 //
- // Make sure RelocEnd is in the Image range.
+ // Add check for RelocBase->SizeOfBlock field.
 //
- if ((CHAR8 *) RelocEnd < (CHAR8 *)((UINTN) ImageContext->ImageAddress) ||
- (CHAR8 *) RelocEnd > (CHAR8 *)((UINTN)ImageContext->ImageAddress + (UINTN)ImageContext->ImageSize)) {
+ if ((RelocBase->SizeOfBlock == 0) || (RelocBase->SizeOfBlock > RelocDir->Size)) {
 ImageContext->ImageError = IMAGE_ERROR_FAILED_RELOCATION;
 return RETURN_LOAD_ERROR;
 }
+ RelocEnd = (UINT16 *) ((CHAR8 *) RelocBase + RelocBase->SizeOfBlock);
+
 if (!(ImageContext->IsTeImage)) {
 FixupBase = PeCoffLoaderImageAddress (ImageContext, RelocBase->VirtualAddress);
 if (FixupBase == NULL) {
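Review bot: The new guard `(RelocBase->SizeOfBlock == 0) || (RelocBase->SizeOfBlock > RelocDir->Size)` bounds the block against the size of the whole relocation directory, not against the bytes left between `RelocBase` and `RelocBaseEnd`, so a block late in the directory can still yield a `RelocEnd` beyond `RelocBaseEnd`; with the image-range test on `RelocEnd` removed by this commit, nothing visible in the hunk stops that. A `SizeOfBlock` between 1 and `sizeof (EFI_IMAGE_BASE_RELOCATION) - 1` also passes and puts `RelocEnd` before `Reloc`. Since these values come from the image being loaded, I would compare against the remaining span, e.g. `if ((RelocBase->SizeOfBlock < sizeof (EFI_IMAGE_BASE_RELOCATION)) || (RelocBase->SizeOfBlock > (UINTN) ((CHAR8 *) RelocBaseEnd - (CHAR8 *) RelocBase))) {`, adjusting by one if `RelocBaseEnd` turns out to be the last byte rather than one past it. The definition of `RelocBaseEnd` and the loop that consumes `RelocEnd` are outside the hunk, so this needs confirming against the full function.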