/**\r
Get volume and free space size information of an UDF volume.\r
\r
+ @attention This is boundary function that may receive untrusted input.\r
+ @attention The input is from FileSystem.\r
+\r
+ The Logical Volume Descriptor and the Logical Volume Integrity Descriptor are\r
+ external inputs, so this routine will do basic validation for both descriptors\r
+ and report status.\r
+\r
@param[in] BlockIo BlockIo interface.\r
@param[in] DiskIo DiskIo interface.\r
@param[in] Volume UDF volume information structure.\r
\r
ExtentAd = &LogicalVolDesc->IntegritySequenceExtent;\r
\r
- if (ExtentAd->ExtentLength == 0) {\r
+ if ((ExtentAd->ExtentLength == 0) ||\r
+ (ExtentAd->ExtentLength < sizeof (UDF_LOGICAL_VOLUME_INTEGRITY))) {\r
return EFI_VOLUME_CORRUPTED;\r
}\r
\r
goto Out_Free;\r
}\r
\r
+ if ((LogicalVolInt->NumberOfPartitions > MAX_UINT32 / sizeof (UINT32) / 2) ||\r
+ (LogicalVolInt->NumberOfPartitions * sizeof (UINT32) * 2 >\r
+ ExtentAd->ExtentLength - sizeof (UDF_LOGICAL_VOLUME_INTEGRITY))) {\r
+ Status = EFI_VOLUME_CORRUPTED;\r
+ goto Out_Free;\r
+ }\r
+\r
*VolumeSize = 0;\r
*FreeSpaceSize = 0;\r
\r