Add comment for modules which have external input.

[mirror_edk2.git] / MdePkg / Library / BasePeCoffLib / BasePeCoff.c

diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
index e44f04c799308e6c298d682a78775e02034edd38..71089bbb0de6afda69c87e9657edba70841a88f1 100644 (file)
--- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
+++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
@@ -2,6 +2,19 @@
   Base PE/COFF loader supports loading any PE32/PE32+ or TE image, but\r
   only supports relocating IA32, x64, IPF, and EBC images.\r
 \r
+  Caution: This file requires additional review when modified.\r
+  This library will have external input - PE/COFF image.\r
+  This external input must be validated carefully to avoid security issue like\r
+  buffer overflow, integer overflow.\r
+\r
+  The basic guideline is that caller need provide ImageContext->ImageRead () with the\r
+  necessary data range check, to make sure when this library reads PE/COFF image, the\r
+  PE image buffer is always in valid range.\r
+  This library will also do some additional check for PE header fields.\r
+\r
+  PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF header.\r
+  PeCoffLoaderGetImageInfo() routine will do basic check for whole PE/COFF image.\r
+\r
   Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
   Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>\r
   This program and the accompanying materials\r
@@ -48,7 +61,10 @@ PeCoffLoaderGetPeHeaderMagicValue (
 \r
 /**\r
   Retrieves the PE or TE Header from a PE/COFF or TE image. \r
-  Also done many checks in PE image to make sure PE image DosHeader, PeOptionHeader, \r
+\r
+  Caution: This function may receive untrusted input.\r
+  PE/COFF image is external input, so this routine will \r
+  also done many checks in PE image to make sure PE image DosHeader, PeOptionHeader, \r
   SizeOfHeader, Section Data Region and Security Data Region be in PE image range. \r
 \r
   @param  ImageContext    The context of the image being loaded.\r
@@ -376,7 +392,9 @@ PeCoffLoaderGetPeHeader (
   The ImageRead and Handle fields of ImageContext structure must be valid prior \r
   to invoking this service.\r
 \r
-  Also done many checks in PE image to make sure PE image DosHeader, PeOptionHeader, \r
+  Caution: This function may receive untrusted input.\r
+  PE/COFF image is external input, so this routine will \r
+  also done many checks in PE image to make sure PE image DosHeader, PeOptionHeader, \r
   SizeOfHeader, Section Data Region and Security Data Region be in PE image range. \r
 \r
   @param  ImageContext              The pointer to the image context structure that describes the PE/COFF\r