shim: Improve the bounds checking of ImageAddress()

author Peter Jones <pjones@redhat.com>

Thu, 19 Oct 2017 17:45:58 +0000 (13:45 -0400)

committer Peter Jones <pmjones@gmail.com>

Mon, 12 Mar 2018 20:21:43 +0000 (16:21 -0400)
author Peter Jones <pjones@redhat.com>
Thu, 19 Oct 2017 17:45:58 +0000 (13:45 -0400)
committer Peter Jones <pmjones@gmail.com>
Mon, 12 Mar 2018 20:21:43 +0000 (16:21 -0400)
diff --git a/shim.c b/shim.c

index 38cc452ac4917d106ee57464f69b68facb70242b..e8401f80e9ae4a58a9a8c672288a73c939f86343 100644 (file)
--- a/shim.c
+++ b/shim.c
@@ -50,6 +50,8 @@
  
  #include <Library/BaseCryptLib.h>
  
+#include <stdint.h>
+
  #define FALLBACK L"\\fb" EFI_ARCH L".efi"
  #define MOK_MANAGER L"\\mm" EFI_ARCH L".efi"
  
@@ -111,11 +113,17 @@ typedef struct {
  /*
   * Perform basic bounds checking of the intra-image pointers
   */
-static void *ImageAddress (void *image, unsigned int size, unsigned int address)
+static void *ImageAddress (void *image, uint64_t size, uint64_t address)
  {
+       /* ensure our local pointer isn't bigger than our size */
         if (address > size)
                 return NULL;
  
+       /* Insure our math won't overflow */
+       if (UINT64_MAX - address < (uint64_t)image)
+               return NULL;
+
+       /* return the absolute pointer */
         return image + address;
  }
author	Peter Jones <pjones@redhat.com>
	Thu, 19 Oct 2017 17:45:58 +0000 (13:45 -0400)
committer	Peter Jones <pmjones@gmail.com>
	Mon, 12 Mar 2018 20:21:43 +0000 (16:21 -0400)