Reviewed-by: Ray Ni
> -Original Message-
> From: Wu, Hao A
> Sent: Tuesday, February 26, 2019 8:57 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A ; Wang, Jian J ;
> Ni, Ray ; Zeng, Star ; Laszlo Ersek
>
> Subject: [PATCH v3 1/2] MdeModulePkg/PartitionDxe: Ensure blocksize
> holds MBR (CVE-2018-12180)
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1134
>
> The commit adds checks for detecting GPT and MBR partitions.
>
> These checks will ensure that the device block size is big enough to hold
> an MBR (512 bytes).
>
> Cc: Jian J Wang
> Cc: Ray Ni
> Cc: Star Zeng
> Cc: Laszlo Ersek
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Hao Wu
> ---
> MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c | 9 -
> MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c | 9 -
> 2 files changed, 16 insertions(+), 2 deletions(-)
>
> diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
> b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
> index fe87761bde..d679cc208b 100644
> --- a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
> +++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
> @@ -14,7 +14,7 @@
>partition content and validate the GPT table and GPT entry.
>
> Copyright (c) 2018 Qualcomm Datacenter Technologies, Inc.
> -Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
> This program and the accompanying materials
> are licensed and made available under the terms and conditions of the BSD
> License
> which accompanies this distribution. The full text of the license may be
> found at
> @@ -237,6 +237,13 @@ PartitionInstallGptChildHandles (
>GptValidStatus = EFI_NOT_FOUND;
>
>//
> + // Ensure the block size can hold the MBR
> + //
> + if (BlockSize < sizeof (MASTER_BOOT_RECORD)) {
> +return EFI_NOT_FOUND;
> + }
> +
> + //
>// Allocate a buffer for the Protective MBR
>//
>ProtectiveMbr = AllocatePool (BlockSize);
> diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c
> b/MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c
> index b1a99ee85b..419f8a17a7 100644
> --- a/MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c
> +++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Mbr.c
> @@ -13,7 +13,7 @@
>
> Copyright (c) 2018 Qualcomm Datacenter Technologies, Inc.
> Copyright (c) 2014, Hewlett-Packard Development Company, L.P.
> -Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
> This program and the accompanying materials
> are licensed and made available under the terms and conditions of the BSD
> License
> which accompanies this distribution. The full text of the license may be
> found at
> @@ -150,6 +150,13 @@ PartitionInstallMbrChildHandles (
>MediaId = BlockIo->Media->MediaId;
>LastBlock = BlockIo->Media->LastBlock;
>
> + //
> + // Ensure the block size can hold the MBR
> + //
> + if (BlockSize < sizeof (MASTER_BOOT_RECORD)) {
> +return EFI_NOT_FOUND;
> + }
> +
>Mbr = AllocatePool (BlockSize);
>if (Mbr == NULL) {
> return Found;
> --
> 2.12.0.windows.1
___
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
