tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg/PartitionDxe: Ensure blocksize holds MBR (CVE-2018-12180) 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1134

The commit adds checks for detecting GPT and MBR partitions.

These checks will ensure that the device block size is big enough to hold
an MBR (512 bytes).

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
This commit is contained in:
Hao Wu 2018-02-09 08:43:01 +08:00
parent 8b8d6f8a3b
commit fccdb88022
2 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
View File

@ -14,7 +14,7 @@
partition content and validate the GPT table and GPT entry.
Copyright (c) 2018 Qualcomm Datacenter Technologies, Inc.
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -236,6 +236,13 @@ PartitionInstallGptChildHandles (
GptValidStatus = EFI_NOT_FOUND;
//
// Ensure the block size can hold the MBR
//
if (BlockSize < sizeof (MASTER_BOOT_RECORD)) {
return EFI_NOT_FOUND;
}
//
// Allocate a buffer for the Protective MBR
//

9
MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c
View File

@ -13,7 +13,7 @@
Copyright (c) 2018 Qualcomm Datacenter Technologies, Inc.
Copyright (c) 2014, Hewlett-Packard Development Company, L.P.<BR>
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -150,6 +150,13 @@ PartitionInstallMbrChildHandles (
MediaId = BlockIo->Media->MediaId;
LastBlock = BlockIo->Media->LastBlock;
//
// Ensure the block size can hold the MBR
//
if (BlockSize < sizeof (MASTER_BOOT_RECORD)) {
return EFI_NOT_FOUND;
}
Mbr = AllocatePool (BlockSize);
if (Mbr == NULL) {
return Found;