MdeModulePkg CapsuleApp: Check capsule header for -D and -N options

[mirror_edk2.git] / MdeModulePkg / Application / CapsuleApp / CapsuleDump.c

diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
index 6c1320942bf423929e5cc6c67c9f66d12e5e8639..45c3ecd050ab18a6b5702680ee9fdff7b39706dd 100644 (file)
--- a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
@@ -61,6 +61,24 @@ WriteFileFromBuffer (
   IN  VOID                                 *Buffer\r
   );\r
 \r
+/**\r
+  Validate if it is valid capsule header\r
+\r
+  This function assumes the caller provided correct CapsuleHeader pointer\r
+  and CapsuleSize.\r
+\r
+  This function validates the fields in EFI_CAPSULE_HEADER.\r
+\r
+  @param[in] CapsuleHeader  Points to a capsule header.\r
+  @param[in] CapsuleSize    Size of the whole capsule image.\r
+\r
+**/\r
+BOOLEAN\r
+IsValidCapsuleHeader (\r
+  IN EFI_CAPSULE_HEADER     *CapsuleHeader,\r
+  IN UINT64                 CapsuleSize\r
+  );\r
+\r
 /**\r
   Dump UX capsule information.\r
 \r
@@ -214,7 +232,7 @@ IsNestedFmpCapsule (
   // FMP GUID after ESRT one\r
   //\r
   NestedCapsuleHeader = (EFI_CAPSULE_HEADER *)((UINT8 *)CapsuleHeader + CapsuleHeader->HeaderSize);\r
-  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->HeaderSize - (UINTN)NestedCapsuleHeader;\r
+  NestedCapsuleSize = (UINTN)CapsuleHeader + CapsuleHeader->CapsuleImageSize- (UINTN)NestedCapsuleHeader;\r
   if (NestedCapsuleSize < sizeof(EFI_CAPSULE_HEADER)) {\r
     return FALSE;\r
   }\r
@@ -248,6 +266,11 @@ DumpCapsule (
     Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);\r
     goto Done;\r
   }\r
+  if (!IsValidCapsuleHeader (Buffer, FileSize)) {\r
+    Print(L"CapsuleApp: Capsule image (%s) is not a valid capsule.\n", CapsuleName);\r
+    Status = EFI_INVALID_PARAMETER;\r
+    goto Done;\r
+  }\r
 \r
   CapsuleHeader = Buffer;\r
   if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {\r
@@ -283,7 +306,7 @@ Done:
   @retval EFI_UNSUPPORTED        Input parameter is not valid.\r
 **/\r
 EFI_STATUS\r
-DmpCapsuleStatusVariable (\r
+DumpCapsuleStatusVariable (\r
   VOID\r
   )\r
 {\r
@@ -454,9 +477,6 @@ DumpEsrtEntry (
   Print(L"  FwVersion                - 0x%x\n", EsrtEntry->FwVersion);\r
   Print(L"  LowestSupportedFwVersion - 0x%x\n", EsrtEntry->LowestSupportedFwVersion);\r
   Print(L"  CapsuleFlags             - 0x%x\n", EsrtEntry->CapsuleFlags);\r
-  Print(L"    PERSIST_ACROSS_RESET   - 0x%x\n", EsrtEntry->CapsuleFlags & CAPSULE_FLAGS_PERSIST_ACROSS_RESET);\r
-  Print(L"    POPULATE_SYSTEM_TABLE  - 0x%x\n", EsrtEntry->CapsuleFlags & CAPSULE_FLAGS_POPULATE_SYSTEM_TABLE);\r
-  Print(L"    INITIATE_RESET         - 0x%x\n", EsrtEntry->CapsuleFlags & CAPSULE_FLAGS_INITIATE_RESET);\r
   Print(L"  LastAttemptVersion       - 0x%x\n", EsrtEntry->LastAttemptVersion);\r
   Print(L"  LastAttemptStatus        - 0x%x (%a)\n", EsrtEntry->LastAttemptStatus, LastAttemptStatusToString(EsrtEntry->LastAttemptStatus));\r
 }\r
@@ -953,5 +973,7 @@ DumpFmpImage (
   Status = WriteFileFromBuffer(ImageName, ImageSize, Image);\r
   Print(L"CapsuleApp: Dump %g ImageIndex (0x%x) to %s %r\n", ImageTypeId, ImageIndex, ImageName, Status);\r
 \r
+  FreePool (Image);\r
+\r
   return ;\r
 }\r