tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdePkg: Fix overflow issue in BasePeCoffLib 

The RelocDir->Size is a UINT32 value, and RelocDir->VirtualAddress is
also a UINT32 value. The current code does not check for overflow when
adding RelocDir->Size to RelocDir->VirtualAddress. This patch adds a
check to ensure that the addition does not overflow.

Signed-off-by: Doug Flick <dougflick@microsoft.com>
Authored-by: sriraamx gobichettipalayam <sri..@intel.com>
This commit is contained in:
Doug Flick 2024-09-27 12:08:55 -07:00 committed by mergify[bot]
parent 517019a553
commit c95233b852
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
MdePkg/Library/BasePeCoffLib/BasePeCoff.c
View File

@ -1054,7 +1054,7 @@ PeCoffLoaderRelocateImage (
RelocDir = &Hdr.Te->DataDirectory[0];
}
if ((RelocDir != NULL) && (RelocDir->Size > 0)) {
if ((RelocDir != NULL) && (RelocDir->Size > 0) && (RelocDir->Size - 1 < MAX_UINT32 - RelocDir->VirtualAddress)) {
RelocBase = (EFI_IMAGE_BASE_RELOCATION *)PeCoffLoaderImageAddress (ImageContext, RelocDir->VirtualAddress, TeStrippedOffset);
RelocBaseEnd = (EFI_IMAGE_BASE_RELOCATION *)PeCoffLoaderImageAddress (
ImageContext,