Add PI1.2.1 SAP2 support and UEFI231B mantis 896

[mirror_edk2.git] / SecurityPkg / Library / DxeTpmMeasureBootLib / DxeTpmMeasureBootLib.c

diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
index bbd38b74eda74e235fb20e83cb8d321dc64c519f..d4616fa3c96fc6be48daac82379e48f996898b17 100644 (file)
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
@@ -1,6 +1,20 @@
 /** @file\r
   The library instance provides security service of TPM measure boot.  \r
 \r
+  Caution: This file requires additional review when modified.\r
+  This library will have external input - PE/COFF image and GPT partition.\r
+  This external input must be validated carefully to avoid security issue like\r
+  buffer overflow, integer overflow.\r
+\r
+  DxeTpmMeasureBootLibImageRead() function will make sure the PE/COFF image content\r
+  read is within the image buffer.\r
+\r
+  TcgMeasurePeImage() function will accept untrusted PE/COFF image and validate its\r
+  data structure within this image buffer before use.\r
+\r
+  TcgMeasureGptTable() function will receive untrusted GPT partition table, and parse\r
+  partition data carefully.\r
+\r
 Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials \r
 are licensed and made available under the terms and conditions of the BSD License \r
@@ -42,6 +56,10 @@ UINTN                             mImageSize;
 /**\r
   Reads contents of a PE/COFF image in memory buffer.\r
 \r
+  Caution: This function may receive untrusted input.\r
+  PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
+  read is within the image buffer.\r
+\r
   @param  FileHandle      Pointer to the file handle to read the PE/COFF image.\r
   @param  FileOffset      Offset into the PE/COFF image to begin the read operation.\r
   @param  ReadSize        On input, the size in bytes of the requested read operation.  \r
@@ -86,6 +104,9 @@ DxeTpmMeasureBootLibImageRead (
 /**\r
   Measure GPT table data into TPM log.\r
 \r
+  Caution: This function may receive untrusted input.\r
+  The GPT partition table is external input, so this function should parse partition data carefully.\r
+\r
   @param TcgProtocol             Pointer to the located TCG protocol instance.\r
   @param GptHandle               Handle that GPT partition was installed.\r
 \r
@@ -247,6 +268,10 @@ TcgMeasureGptTable (
   Measure PE image into TPM log based on the authenticode image hashing in\r
   PE/COFF Specification 8.0 Appendix A.\r
 \r
+  Caution: This function may receive untrusted input.\r
+  PE/COFF image is external input, so this function will validate its data structure\r
+  within this image buffer before use.\r
+\r
   @param[in] TcgProtocol    Pointer to the located TCG protocol instance.\r
   @param[in] ImageAddress   Start address of image buffer.\r
   @param[in] ImageSize      Image size\r