VOID *\r
UsbCreateDesc (\r
IN UINT8 *DescBuf,\r
- IN INTN Len,\r
+ IN UINTN Len,\r
IN UINT8 Type,\r
- OUT INTN *Consumed\r
+ OUT UINTN *Consumed\r
)\r
{\r
USB_DESC_HEAD *Head;\r
- INTN DescLen;\r
- INTN CtrlLen;\r
- INTN Offset;\r
+ UINTN DescLen;\r
+ UINTN CtrlLen;\r
+ UINTN Offset;\r
VOID *Desc;\r
\r
DescLen = 0;\r
\r
while ((Offset < Len) && (Head->Type != Type)) {\r
Offset += Head->Len;\r
+ if (Len <= Offset) {\r
+ DEBUG (( EFI_D_ERROR, "UsbCreateDesc: met mal-format descriptor, Beyond boundary!\n"));\r
+ return NULL;\r
+ }\r
Head = (USB_DESC_HEAD*)(DescBuf + Offset);\r
+ if (Head->Len == 0) {\r
+ DEBUG (( EFI_D_ERROR, "UsbCreateDesc: met mal-format descriptor, Head->Len = 0!\n"));\r
+ return NULL;\r
+ }\r
}\r
\r
if ((Len <= Offset) || (Len < Offset + DescLen) ||\r
USB_INTERFACE_SETTING *\r
UsbParseInterfaceDesc (\r
IN UINT8 *DescBuf,\r
- IN INTN Len,\r
- OUT INTN *Consumed\r
+ IN UINTN Len,\r
+ OUT UINTN *Consumed\r
)\r
{\r
USB_INTERFACE_SETTING *Setting;\r
USB_ENDPOINT_DESC *Ep;\r
UINTN Index;\r
UINTN NumEp;\r
- INTN Used;\r
- INTN Offset;\r
+ UINTN Used;\r
+ UINTN Offset;\r
\r
*Consumed = 0;\r
Setting = UsbCreateDesc (DescBuf, Len, USB_DESC_TYPE_INTERFACE, &Used);\r
//\r
// Create the endpoints for this interface\r
//\r
- for (Index = 0; Index < NumEp; Index++) {\r
+ for (Index = 0; (Index < NumEp) && (Offset < Len); Index++) {\r
Ep = UsbCreateDesc (DescBuf + Offset, Len - Offset, USB_DESC_TYPE_ENDPOINT, &Used);\r
\r
if (Ep == NULL) {\r
USB_CONFIG_DESC *\r
UsbParseConfigDesc (\r
IN UINT8 *DescBuf,\r
- IN INTN Len\r
+ IN UINTN Len\r
)\r
{\r
USB_CONFIG_DESC *Config;\r
USB_INTERFACE_DESC *Interface;\r
UINTN Index;\r
UINTN NumIf;\r
- INTN Consumed;\r
+ UINTN Consumed;\r
\r
ASSERT (DescBuf != NULL);\r
\r