MdeModulePkg CapsuleApp: Check capsule header before using its Flags

[mirror_edk2.git] / MdeModulePkg / Application / CapsuleApp / CapsuleApp.c

diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
index 90f1a02d9af6f8dc70c68281e8342c6d455cf12b..dbcffddea9ce55c70c9d8cf4fa607adbe1025f6b 100644 (file)
--- a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
@@ -715,6 +715,40 @@ CleanGatherList (
   }\r
 }\r
 \r
+/**\r
+  Validate if it is valid capsule header\r
+\r
+  This function assumes the caller provided correct CapsuleHeader pointer\r
+  and CapsuleSize.\r
+\r
+  This function validates the fields in EFI_CAPSULE_HEADER.\r
+\r
+  @param[in] CapsuleHeader  Points to a capsule header.\r
+  @param[in] CapsuleSize    Size of the whole capsule image.\r
+\r
+**/\r
+BOOLEAN\r
+IsValidCapsuleHeader (\r
+  IN EFI_CAPSULE_HEADER     *CapsuleHeader,\r
+  IN UINT64                 CapsuleSize\r
+  )\r
+{\r
+  if (CapsuleSize < sizeof (EFI_CAPSULE_HEADER)) {\r
+    return FALSE;\r
+  }\r
+  if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {\r
+    return FALSE;\r
+  }\r
+  if (CapsuleHeader->HeaderSize > CapsuleHeader->CapsuleImageSize) {\r
+    return FALSE;\r
+  }\r
+  if (CapsuleHeader->HeaderSize < sizeof (EFI_CAPSULE_HEADER)) {\r
+    return FALSE;\r
+  }\r
+\r
+  return TRUE;\r
+}\r
+\r
 /**\r
   Print APP usage.\r
 **/\r
@@ -738,17 +772,18 @@ PrintUsage (
   Print(L"       with CAPSULE_FLAGS_PERSIST_ACROSS_RESET and without CAPSULE_FLAGS_INITIATE_RESET.\n");\r
   Print(L"  -S:  Dump capsule report variable (EFI_CAPSULE_REPORT_GUID),\n");\r
   Print(L"       which is defined in UEFI specification.\n");\r
-  Print(L"  -C:  Clear capsule report variable (EFI_CAPSULE_RPORT_GUID),\n");\r
+  Print(L"  -C:  Clear capsule report variable (EFI_CAPSULE_REPORT_GUID),\n");\r
   Print(L"       which is defined in UEFI specification.\n");\r
-  Print(L"  -P:  Dump UEFI FMP protocol info.\n");\r
+  Print(L"  -P:  Dump UEFI FMP protocol info, or get image with specified\n");\r
+  Print(L"       ImageTypeId and index to a file if 'GET' option is used.\n");\r
   Print(L"  -E:  Dump UEFI ESRT table info.\n");\r
-  Print(L"  -G:  Convert a BMP file to be a UX capsule,\n");\r
+  Print(L"  -G:  Convert a BMP file to be an UX capsule,\n");\r
   Print(L"       according to Windows Firmware Update document\n");\r
   Print(L"  -N:  Append a Capsule Header to an existing capsule image,\n");\r
   Print(L"       according to Windows Firmware Update document\n");\r
   Print(L"  -O:  Output new Capsule file name\n");\r
-  Print(L"  -D:  Dump Capsule image header information and FMP header information,\n");\r
-  Print(L"       if it is an FMP capsule.\n");\r
+  Print(L"  -D:  Dump Capsule image header information, image payload information if it is an UX capsule\n");\r
+  Print(L"       and FMP header information if it is a FMP capsule.\n");\r
 }\r
 \r
 /**\r
@@ -820,7 +855,15 @@ UefiMain (
       DumpFmpData();\r
     }\r
     if (Argc >= 3) {\r
-      if (StrCmp(Argv[2], L"GET") == 0) {\r
+      if (StrCmp(Argv[2], L"GET") != 0) {\r
+        Print(L"CapsuleApp: Unrecognized option(%s).\n", Argv[2]);\r
+        return EFI_UNSUPPORTED;\r
+      } else {\r
+        if (Argc != 7) {\r
+          Print(L"CapsuleApp: Incorrect parameter count.\n");\r
+          return EFI_UNSUPPORTED;\r
+        }\r
+\r
         EFI_GUID  ImageTypeId;\r
         UINTN     ImageIndex;\r
         //\r
@@ -832,17 +875,26 @@ UefiMain (
           return EFI_INVALID_PARAMETER;\r
         }\r
         ImageIndex = StrDecimalToUintn(Argv[4]);\r
-        if (StrCmp(Argv[5], L"-O") == 0) {\r
-          DumpFmpImage(&ImageTypeId, ImageIndex, Argv[6]);\r
+        if (StrCmp(Argv[5], L"-O") != 0) {\r
+          Print(L"CapsuleApp: NO output file name.\n");\r
+          return EFI_UNSUPPORTED;\r
         }\r
+        DumpFmpImage(&ImageTypeId, ImageIndex, Argv[6]);\r
       }\r
     }\r
     return EFI_SUCCESS;\r
   }\r
+\r
   if (StrCmp(Argv[1], L"-E") == 0) {\r
     DumpEsrtData();\r
     return EFI_SUCCESS;\r
   }\r
+\r
+  if (Argv[1][0] == L'-') {\r
+    Print(L"CapsuleApp: Unrecognized option(%s).\n", Argv[1]);\r
+    return EFI_UNSUPPORTED;\r
+  }\r
+\r
   CapsuleFirstIndex = 1;\r
   NoReset = FALSE;\r
   if ((Argc > 1) && (StrCmp(Argv[Argc - 1], L"-NR") == 0)) {\r
@@ -873,6 +925,10 @@ UefiMain (
       Print(L"CapsuleApp: capsule image (%s) is not found.\n", CapsuleName);\r
       goto Done;\r
     }\r
+    if (!IsValidCapsuleHeader (CapsuleBuffer[Index], FileSize[Index])) {\r
+      Print(L"CapsuleApp: Capsule image (%s) is not a valid capsule.\n", CapsuleName);\r
+      return EFI_INVALID_PARAMETER;\r
+    }\r
   }\r
 \r
   //\r