MdePkg/UefiDevicePathLibDevicePathProtocol: Add sanity check for FilePath device path

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1497

Current implementation of IsDevicePathValid() is not enough for type
of MEDIA_FILEPATH_DP, which has NULL-terminated string in the device
path. This patch add a simple NULL character check at Length position.

Cc: Liming Gao <liming.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>

1 files changed, 9 insertions, 0 deletions

diff --git a/MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLib.c b/MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLib.c
index 9a0ee42fd1..c8e78d2373 100644
--- a/MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLib.c
+++ b/MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLib.c
@@ -138,6 +138,15 @@ IsDevicePathValid (
         return FALSE;

       }

     }

+

+    //

+    // FilePath must be a NULL-terminated string.

+    //

+    if (DevicePathType (DevicePath) == MEDIA_DEVICE_PATH &&

+        DevicePathSubType (DevicePath) == MEDIA_FILEPATH_DP &&

+        *(CHAR16 *)((UINT8 *)DevicePath + NodeLength - 2) != 0) {

+      return FALSE;

+    }

   }

 

   //