Revision: 16528
http://sourceforge.net/p/edk2/code/16528
Author: vanjeff
Date: 2014-12-17 03:24:56 +0000 (Wed, 17 Dec 2014)
Log Message:
-----------
MdeModulePkg DxeCore: Fix potential FV overflow of 4GB boundary on a 32-bit
systems.
The traversing of a Memory Mapped FV can overflow the 4GB limit on a 32bit
system during the setting up a Linked List of FFS file inside the FV.
(Sync patch r16527 from main trunk.)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <[email protected]>
Reviewed-by: Liming Gao <[email protected]>
Revision Links:
--------------
http://sourceforge.net/p/edk2/code/16527
Modified Paths:
--------------
branches/UDK2014.SP1/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
Modified: branches/UDK2014.SP1/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
===================================================================
--- branches/UDK2014.SP1/MdeModulePkg/Core/Dxe/FwVol/FwVol.c 2014-12-17
00:39:51 UTC (rev 16527)
+++ branches/UDK2014.SP1/MdeModulePkg/Core/Dxe/FwVol/FwVol.c 2014-12-17
03:24:56 UTC (rev 16528)
@@ -464,7 +464,7 @@
FfsHeader = (EFI_FFS_FILE_HEADER *) (FvDevice->CachedFv);
}
TopFvAddress = FvDevice->EndOfCachedFv;
- while ((UINT8 *) FfsHeader < TopFvAddress) {
+ while (((UINTN) FfsHeader >= (UINTN) FvDevice->CachedFv) && ((UINTN)
FfsHeader <= (UINTN) ((UINTN) TopFvAddress - sizeof (EFI_FFS_FILE_HEADER)))) {
if (FileCached) {
CoreFreePool (CacheFfsHeader);
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
