SF.net SVN: edk2:[15343] branches/UDK2010.SR1/MdePkg/Library/BasePeCoffLib/ BasePeCoff.c

Wed, 19 Mar 2014 20:00:22 -0700 

Revision: 15343
          http://sourceforge.net/p/edk2/code/15343
Author:   vanjeff
Date:     2014-03-20 02:59:28 +0000 (Thu, 20 Mar 2014)
Log Message:
-----------
Sync patch r15233 from main trunk.
Add more check for PE COFF SizeOfHeader field.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <[email protected]>

Revision Links:
--------------
    http://sourceforge.net/p/edk2/code/15233

Modified Paths:
--------------
    branches/UDK2010.SR1/MdePkg/Library/BasePeCoffLib/BasePeCoff.c

Modified: branches/UDK2010.SR1/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
===================================================================
--- branches/UDK2010.SR1/MdePkg/Library/BasePeCoffLib/BasePeCoff.c      
2014-03-20 02:57:13 UTC (rev 15342)
+++ branches/UDK2010.SR1/MdePkg/Library/BasePeCoffLib/BasePeCoff.c      
2014-03-20 02:59:28 UTC (rev 15343)
@@ -15,7 +15,7 @@
   PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF header.
   PeCoffLoaderGetImageInfo() routine will do basic check for whole PE/COFF 
image.
 
-  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
@@ -249,6 +249,10 @@
       //
       // 3. Check the FileHeader.NumberOfSections field.
       //
+      if (Hdr.Pe32->OptionalHeader.SizeOfImage <= SectionHeaderOffset) {
+        ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+        return RETURN_UNSUPPORTED;
+      }
       if ((Hdr.Pe32->OptionalHeader.SizeOfImage - SectionHeaderOffset) / 
EFI_IMAGE_SIZEOF_SECTION_HEADER <= Hdr.Pe32->FileHeader.NumberOfSections) {
         ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
         return RETURN_UNSUPPORTED;
@@ -257,6 +261,14 @@
       //
       // 4. Check the OptionalHeader.SizeOfHeaders field.
       //
+      if (Hdr.Pe32->OptionalHeader.SizeOfHeaders <= SectionHeaderOffset) {
+        ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+        return RETURN_UNSUPPORTED;
+      }
+      if (Hdr.Pe32->OptionalHeader.SizeOfHeaders >= 
Hdr.Pe32->OptionalHeader.SizeOfImage) {
+        ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+        return RETURN_UNSUPPORTED;
+      }
       if ((Hdr.Pe32->OptionalHeader.SizeOfHeaders - SectionHeaderOffset) / 
EFI_IMAGE_SIZEOF_SECTION_HEADER < 
(UINT32)Hdr.Pe32->FileHeader.NumberOfSections) {
         ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
         return RETURN_UNSUPPORTED;
@@ -351,6 +363,10 @@
       //
       // 3. Check the FileHeader.NumberOfSections field.
       //
+      if (Hdr.Pe32Plus->OptionalHeader.SizeOfImage <= SectionHeaderOffset) {
+        ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+        return RETURN_UNSUPPORTED;
+      }
       if ((Hdr.Pe32Plus->OptionalHeader.SizeOfImage - SectionHeaderOffset) / 
EFI_IMAGE_SIZEOF_SECTION_HEADER <= Hdr.Pe32Plus->FileHeader.NumberOfSections) {
         ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
         return RETURN_UNSUPPORTED;
@@ -359,6 +375,14 @@
       //
       // 4. Check the OptionalHeader.SizeOfHeaders field.
       //
+      if (Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders <= SectionHeaderOffset) {
+        ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+        return RETURN_UNSUPPORTED;
+      }
+      if (Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders >= 
Hdr.Pe32Plus->OptionalHeader.SizeOfImage) {
+        ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+        return RETURN_UNSUPPORTED;
+      }
       if ((Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - SectionHeaderOffset) / 
EFI_IMAGE_SIZEOF_SECTION_HEADER < 
(UINT32)Hdr.Pe32Plus->FileHeader.NumberOfSections) {
         ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
         return RETURN_UNSUPPORTED;

This was sent by the SourceForge.net collaborative development platform, the 
world's largest Open Source development site.


------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits

Reply via email to