/** @file\r
\r
-Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions\r
BackupImage = NULL;\r
RomHeader.Raw = *Rom;\r
while (RomHeader.Generic->Signature == PCI_EXPANSION_ROM_HEADER_SIGNATURE) {\r
- if (*ImageSize < \r
- RomHeader.Raw - (UINT8 *) *Rom + RomHeader.Generic->PcirOffset + sizeof (PCI_DATA_STRUCTURE)\r
- ) {\r
- return EFI_NOT_FOUND;\r
+ if (RomHeader.Generic->PcirOffset == 0 ||\r
+ (RomHeader.Generic->PcirOffset & 3) !=0 ||\r
+ *ImageSize < RomHeader.Raw - (UINT8 *) *Rom + RomHeader.Generic->PcirOffset + sizeof (PCI_DATA_STRUCTURE)) {\r
+ break;\r
}\r
\r
Pcir = (PCI_3_0_DATA_STRUCTURE *) (RomHeader.Raw + RomHeader.Generic->PcirOffset);\r
+ //\r
+ // Check signature in the PCI Data Structure.\r
+ //\r
+ if (Pcir->Signature != PCI_DATA_STRUCTURE_SIGNATURE) {\r
+ break;\r
+ }\r
\r
+ if ((UINTN)(RomHeader.Raw - (UINT8 *) *Rom) + Pcir->ImageLength * 512 > *ImageSize) {\r
+ break;\r
+ }\r
+ \r
if (Pcir->CodeType == PCI_CODE_TYPE_PCAT_IMAGE) {\r
Match = FALSE;\r
if (Pcir->VendorId == VendorId) {\r
}\r
\r
LocalRomImage = *RomImage;\r
+ if (((PCI_EXPANSION_ROM_HEADER *) LocalRomImage)->Signature != PCI_EXPANSION_ROM_HEADER_SIGNATURE ||\r
+ ((PCI_EXPANSION_ROM_HEADER *) LocalRomImage)->PcirOffset == 0 ||\r
+ (((PCI_EXPANSION_ROM_HEADER *) LocalRomImage)->PcirOffset & 3 ) != 0) {\r
+ mVgaInstallationInProgress = FALSE;\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+ \r
Pcir = (PCI_3_0_DATA_STRUCTURE *)\r
((UINT8 *) LocalRomImage + ((PCI_EXPANSION_ROM_HEADER *) LocalRomImage)->PcirOffset);\r
+\r
+ if (Pcir->Signature != PCI_DATA_STRUCTURE_SIGNATURE) {\r
+ mVgaInstallationInProgress = FALSE;\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
ImageSize = Pcir->ImageLength * 512;\r
if (Pcir->Length >= 0x1C) {\r
OpromRevision = Pcir->Revision;\r
projects / mirror_edk2.git / blobdiff