tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-07-12 16:24:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

ShellPkg/UefiShellLib: Prevent out-of-bounds access

Browse Source 
If InternalShellStrHexToUint64() is passed a string that starts with 'X'
or 'x' it would try to read the byte before the start of the string
buffer.

Instead check if leading zeroes have been consumed.

Signed-off-by: Tormod Volden <debian.tormod@gmail.com>
This commit is contained in:
Tormod Volden 2024-07-23 23:23:20 +02:00 committed by mergify[bot]
parent 7936ffa1e6
commit ef3a1ef397
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ShellPkg/Library/UefiShellLib/UefiShellLib.c
View File

@ -4009,7 +4009,8 @@ InternalShellStrHexToUint64 (
IN CONST BOOLEAN StopAtSpace IN CONST BOOLEAN StopAtSpace
) )
{ {
UINT64 Result; UINT64 Result;
BOOLEAN LeadingZero;
if ((String == NULL) || (StrSize (String) == 0) || (Value == NULL)) { if ((String == NULL) || (StrSize (String) == 0) || (Value == NULL)) {
return (EFI_INVALID_PARAMETER); return (EFI_INVALID_PARAMETER);
@ -4025,12 +4026,14 @@ InternalShellStrHexToUint64 (
// //
// Ignore leading Zeros after the spaces // Ignore leading Zeros after the spaces
// //
LeadingZero = FALSE;
while (*String == L'0') { while (*String == L'0') {
String++; String++;
LeadingZero = TRUE;
} }
if (CharToUpper (*String) == L'X') { if (CharToUpper (*String) == L'X') {
if (*(String - 1) != L'0') { if (!LeadingZero) {
return 0; return 0;
} }