Revision: 14520
http://sourceforge.net/p/edk2/code/14520
Author: lzeng14
Date: 2013-07-31 01:09:38 +0000 (Wed, 31 Jul 2013)
Log Message:
-----------
MdeModulePkg PartitionDxe: Ensure the NumberOfPartitionEntries *
SizeOfPartitionEntry doesn't overflow.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <[email protected]>
Reviewed-by: Chao Zhang <[email protected]>
Modified Paths:
--------------
trunk/edk2/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
Modified: trunk/edk2/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
===================================================================
--- trunk/edk2/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c 2013-07-30
06:41:43 UTC (rev 14519)
+++ trunk/edk2/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c 2013-07-31
01:09:38 UTC (rev 14520)
@@ -13,7 +13,7 @@
PartitionValidGptTable(), PartitionCheckGptEntry() routine will accept disk
partition content and validate the GPT table and GPT entry.
-Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -307,7 +307,7 @@
DEBUG ((EFI_D_INFO, " Valid primary and !Valid backup partition table\n"));
DEBUG ((EFI_D_INFO, " Restore backup partition table by the primary\n"));
if (!PartitionRestoreGptTable (BlockIo, DiskIo, PrimaryHeader)) {
- DEBUG ((EFI_D_INFO, " Restore backup partition table error\n"));
+ DEBUG ((EFI_D_INFO, " Restore backup partition table error\n"));
}
if (PartitionValidGptTable (BlockIo, DiskIo, PrimaryHeader->AlternateLBA,
BackupHeader)) {
@@ -487,13 +487,22 @@
if ((PartHdr->Header.Signature != EFI_PTAB_HEADER_ID) ||
!PartitionCheckCrc (BlockSize, &PartHdr->Header) ||
- PartHdr->MyLBA != Lba
+ PartHdr->MyLBA != Lba ||
+ (PartHdr->SizeOfPartitionEntry < sizeof (EFI_PARTITION_ENTRY))
) {
DEBUG ((EFI_D_INFO, "Invalid efi partition table header\n"));
FreePool (PartHdr);
return FALSE;
}
+ //
+ // Ensure the NumberOfPartitionEntries * SizeOfPartitionEntry doesn't
overflow.
+ //
+ if (PartHdr->NumberOfPartitionEntries > DivU64x32 (MAX_UINTN,
PartHdr->SizeOfPartitionEntry)) {
+ FreePool (PartHdr);
+ return FALSE;
+ }
+
CopyMem (PartHeader, PartHdr, sizeof (EFI_PARTITION_TABLE_HEADER));
if (!PartitionCheckGptEntryArrayCRC (BlockIo, DiskIo, PartHeader)) {
FreePool (PartHdr);
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
