tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix the potential address overflow issue when checking PE signature. 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15602 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Jeff Fan 2014-06-30 06:13:53 +00:00 committed by vanjeff
parent 8c01a99b84
commit 9e2364ef12
2 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
SourceLevelDebugPkg/Library/DebugAgent/DebugAgentCommon/DebugAgent.c
View File

@ -214,10 +214,12 @@ FindAndReportModuleImageInfo (
if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {
//
// DOS image header is present, so read the PE header after the DOS image header.
// Check if address overflow firstly.
//
if ((MAX_ADDRESS - (UINTN)DosHdr->e_lfanew) > Pe32Data) {
Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)(Pe32Data + (UINTN)(DosHdr->e_lfanew));
Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)(Pe32Data + (UINTN) ((DosHdr->e_lfanew) & 0x0ffff));
//
// Make sure PE header address does not overflow and is less than the initial address.
//
if (((UINTN)Hdr.Pe32 > Pe32Data) && ((UINTN)Hdr.Pe32 < (UINTN)mErrorMsgVersionAlert)) {
if (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE) {
//
// It's PE image.

21
UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c
View File

@ -1,7 +1,7 @@
/** @file
CPU Exception Hanlder Library common functions.
Copyright (c) 2012 - 2013, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -90,13 +90,18 @@ FindModuleImageBase (
// DOS image header is present, so read the PE header after the DOS image header.
//
Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)(Pe32Data + (UINTN) ((DosHdr->e_lfanew) & 0x0ffff));
if (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE) {
//
// It's PE image.
//
InternalPrintMessage ("!!!! Find PE image ");
*EntryPoint = (UINTN)Pe32Data + (UINTN)(Hdr.Pe32->OptionalHeader.AddressOfEntryPoint & 0x0ffffffff);
break;
//
// Make sure PE header address does not overflow and is less than the initial address.
//
if (((UINTN)Hdr.Pe32 > Pe32Data) && ((UINTN)Hdr.Pe32 < CurrentEip)) {
if (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE) {
//
// It's PE image.
//
InternalPrintMessage ("!!!! Find PE image ");
*EntryPoint = (UINTN)Pe32Data + (UINTN)(Hdr.Pe32->OptionalHeader.AddressOfEntryPoint & 0x0ffffffff);
break;
}
}
} else {
//