diff options
| author | Star Zeng <star.zeng@intel.com> | 2018-07-13 15:50:16 +0800 |
|---|---|---|
| committer | Star Zeng <star.zeng@intel.com> | 2018-07-23 09:17:35 +0800 |
| commit | d9c640b9282dd3a6ee45bc5886e7d5b0e586c95d (patch) | |
| tree | 1f82c8d538306bac07b62fd425763db9cd13338a /MdeModulePkg | |
| parent | 95dd7a6ecd2358208a9f82bb948cafddebd78519 (diff) | |
| download | edk2-d9c640b9282dd3a6ee45bc5886e7d5b0e586c95d.tar.gz edk2-d9c640b9282dd3a6ee45bc5886e7d5b0e586c95d.tar.bz2 edk2-d9c640b9282dd3a6ee45bc5886e7d5b0e586c95d.zip | |
MdeModulePkg CapsuleApp: Check capsule header before using its Flags
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Diffstat (limited to 'MdeModulePkg')
| -rw-r--r-- | MdeModulePkg/Application/CapsuleApp/CapsuleApp.c | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c index a83ebf3d10..dbcffddea9 100644 --- a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c @@ -716,6 +716,40 @@ CleanGatherList ( }
/**
+ Validate if it is valid capsule header
+
+ This function assumes the caller provided correct CapsuleHeader pointer
+ and CapsuleSize.
+
+ This function validates the fields in EFI_CAPSULE_HEADER.
+
+ @param[in] CapsuleHeader Points to a capsule header.
+ @param[in] CapsuleSize Size of the whole capsule image.
+
+**/
+BOOLEAN
+IsValidCapsuleHeader (
+ IN EFI_CAPSULE_HEADER *CapsuleHeader,
+ IN UINT64 CapsuleSize
+ )
+{
+ if (CapsuleSize < sizeof (EFI_CAPSULE_HEADER)) {
+ return FALSE;
+ }
+ if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {
+ return FALSE;
+ }
+ if (CapsuleHeader->HeaderSize > CapsuleHeader->CapsuleImageSize) {
+ return FALSE;
+ }
+ if (CapsuleHeader->HeaderSize < sizeof (EFI_CAPSULE_HEADER)) {
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+/**
Print APP usage.
**/
VOID
@@ -891,6 +925,10 @@ UefiMain ( Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);
goto Done;
}
+ if (!IsValidCapsuleHeader (CapsuleBuffer[Index], FileSize[Index])) {
+ Print(L"CapsuleApp: Capsule image (%s) is not a valid capsule.\n", CapsuleName);
+ return EFI_INVALID_PARAMETER;
+ }
}
//
|