[edk2] [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX)

Liming Gao Mon, 22 Oct 2018 08:18:47 -0700

In V2, update commit message with fixed CVE number. 

Fix CVE-2017-5731,CVE-2017-5732,CVE-2017-5733,CVE-2017-5734,CVE-2017-5735
https://bugzilla.tianocore.org/show_bug.cgi?id=686


Liming Gao (3):
  MdePkg: Add more checker in UefiDecompressLib to access the valid
    buffer only(CVE FIX)
  IntelFrameworkModulePkg: Add more checker in
    UefiTianoDecompressLib(CVE FIX)
  BaseTools: Add more checker in Decompress algorithm to access the
    valid buffer(CVE FIX)

 BaseTools/Source/C/Common/Decompress.c             | 23 +++++++++++++++++--
 BaseTools/Source/C/TianoCompress/TianoCompress.c   | 26 +++++++++++++++++++++-
 .../BaseUefiTianoCustomDecompressLib.c             | 16 +++++++++++--
 .../BaseUefiDecompressLib/BaseUefiDecompressLib.c  | 17 ++++++++++++--
 4 files changed, 75 insertions(+), 7 deletions(-)

-- 
2.10.0.windows.1

_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX)

Reply via email to