return EFI_OUT_OF_RESOURCES;\r
}\r
\r
+ if (!ValidateOption(BootOptionVar, BootOptionSize)) {\r
+ BdsDeleteBootOption (BootOrder[Index], BootOrder, &BootOrderSize);\r
+ FreePool (BootOptionVar);\r
+ Index++;\r
+ continue;\r
+ }\r
+\r
TempPtr = BootOptionVar;\r
TempPtr += sizeof (UINT32) + sizeof (UINT16);\r
TempPtr += StrSize ((CHAR16 *) TempPtr);\r
EFI_DEVICE_PATH_PROTOCOL *OptionDevicePath;\r
UINT8 *TempPtr;\r
CHAR16 *Description;\r
+ BOOLEAN Corrupted;\r
\r
- Status = EFI_SUCCESS;\r
- BootOrder = NULL;\r
- BootOrderSize = 0;\r
+ Status = EFI_SUCCESS;\r
+ BootOrder = NULL;\r
+ Description = NULL;\r
+ OptionDevicePath = NULL;\r
+ BootOrderSize = 0;\r
+ Corrupted = FALSE;\r
\r
//\r
// Check "BootOrder" variable firstly, this variable hold the number of boot options\r
return EFI_OUT_OF_RESOURCES;\r
}\r
\r
- TempPtr = BootOptionVar;\r
- TempPtr += sizeof (UINT32) + sizeof (UINT16);\r
- Description = (CHAR16 *) TempPtr;\r
- TempPtr += StrSize ((CHAR16 *) TempPtr);\r
- OptionDevicePath = (EFI_DEVICE_PATH_PROTOCOL *) TempPtr;\r
+ if (!ValidateOption(BootOptionVar, BootOptionSize)) {\r
+ Corrupted = TRUE;\r
+ } else {\r
+ TempPtr = BootOptionVar;\r
+ TempPtr += sizeof (UINT32) + sizeof (UINT16);\r
+ Description = (CHAR16 *) TempPtr;\r
+ TempPtr += StrSize ((CHAR16 *) TempPtr);\r
+ OptionDevicePath = (EFI_DEVICE_PATH_PROTOCOL *) TempPtr;\r
\r
- //\r
- // Skip legacy boot option (BBS boot device)\r
- //\r
- if ((DevicePathType (OptionDevicePath) == BBS_DEVICE_PATH) &&\r
- (DevicePathSubType (OptionDevicePath) == BBS_BBS_DP)) {\r
- FreePool (BootOptionVar);\r
- Index++;\r
- continue;\r
+ //\r
+ // Skip legacy boot option (BBS boot device)\r
+ //\r
+ if ((DevicePathType (OptionDevicePath) == BBS_DEVICE_PATH) &&\r
+ (DevicePathSubType (OptionDevicePath) == BBS_BBS_DP)) {\r
+ FreePool (BootOptionVar);\r
+ Index++;\r
+ continue;\r
+ }\r
}\r
\r
- if (!BdsLibIsValidEFIBootOptDevicePathExt (OptionDevicePath, FALSE, Description)) {\r
+ if (Corrupted || !BdsLibIsValidEFIBootOptDevicePathExt (OptionDevicePath, FALSE, Description)) {\r
//\r
// Delete this invalid boot option "Boot####"\r
//\r
// Mark this boot option in boot order as deleted\r
//\r
BootOrder[Index] = 0xffff;\r
+ Corrupted = FALSE;\r
}\r
\r
FreePool (BootOptionVar);\r
if (OptionPtr == NULL) {\r
continue;\r
}\r
+\r
+ //\r
+ // Validate the variable.\r
+ //\r
+ if (!ValidateOption(OptionPtr, OptionSize)) {\r
+ continue;\r
+ }\r
+\r
TempPtr = OptionPtr;\r
TempPtr += sizeof (UINT32) + sizeof (UINT16);\r
Description = (CHAR16 *) TempPtr;\r
Size = 0;\r
while (!IsDevicePathEnd (DevicePath)) {\r
NodeSize = DevicePathNodeLength (DevicePath);\r
- if (NodeSize == 0) {\r
+ if (NodeSize < END_DEVICE_PATH_LENGTH) {\r
return 0;\r
}\r
Size += NodeSize;\r
return (Length + 1) * sizeof (*String);\r
}\r
\r
+/**\r
+ Validate the EFI Boot#### variable (VendorGuid/Name)\r
+\r
+ @param Variable Boot#### variable data.\r
+ @param VariableSize Returns the size of the EFI variable that was read\r
+\r
+ @retval TRUE The variable data is correct.\r
+ @retval FALSE The variable data is corrupted.\r
+\r
+**/\r
+BOOLEAN \r
+ValidateOption (\r
+ UINT8 *Variable,\r
+ UINTN VariableSize\r
+ )\r
+{\r
+ UINT16 FilePathSize;\r
+ UINT8 *TempPtr;\r
+ EFI_DEVICE_PATH_PROTOCOL *DevicePath;\r
+ EFI_DEVICE_PATH_PROTOCOL *TempPath;\r
+ UINTN TempSize;\r
+\r
+ //\r
+ // Skip the option attribute\r
+ //\r
+ TempPtr = Variable;\r
+ TempPtr += sizeof (UINT32);\r
+\r
+ //\r
+ // Get the option's device path size\r
+ //\r
+ FilePathSize = *(UINT16 *) TempPtr;\r
+ TempPtr += sizeof (UINT16);\r
+\r
+ //\r
+ // Get the option's description string size\r
+ //\r
+ TempSize = StrSizeEx ((CHAR16 *) TempPtr, VariableSize);\r
+ TempPtr += TempSize;\r
+\r
+ //\r
+ // Get the option's device path\r
+ //\r
+ DevicePath = (EFI_DEVICE_PATH_PROTOCOL *) TempPtr;\r
+ TempPtr += FilePathSize;\r
+\r
+ //\r
+ // Validation boot option variable.\r
+ //\r
+ if ((FilePathSize == 0) || (TempSize == 0)) {\r
+ return FALSE;\r
+ }\r
+\r
+ if (TempSize + FilePathSize + sizeof (UINT16) + sizeof (UINT16) > VariableSize) {\r
+ return FALSE;\r
+ }\r
+\r
+ TempPath = DevicePath;\r
+ while (FilePathSize > 0) {\r
+ TempSize = GetDevicePathSizeEx (TempPath, FilePathSize);\r
+ if (TempSize == 0) {\r
+ return FALSE;\r
+ }\r
+ FilePathSize = (UINT16) (FilePathSize - TempSize);\r
+ TempPath += TempSize;\r
+ }\r
+\r
+ return TRUE;\r
+}\r
+\r
/**\r
Convert a single character to number.\r
It assumes the input Char is in the scope of L'0' ~ L'9' and L'A' ~ L'F'\r
if (Variable == NULL) {\r
return NULL;\r
}\r
+\r
+ //\r
+ // Validate Boot#### variable data.\r
+ //\r
+ if (!ValidateOption(Variable, VariableSize)) {\r
+ return NULL;\r
+ }\r
+\r
//\r
// Notes: careful defined the variable of Boot#### or\r
// Driver####, consider use some macro to abstract the code\r
VOID\r
);\r
\r
+/**\r
+ Validate the EFI Boot#### or Driver#### variable (VendorGuid/Name)\r
+\r
+ @param Variable Boot#### variable data.\r
+ @param VariableSize Returns the size of the EFI variable that was read\r
+\r
+ @retval TRUE The variable data is correct.\r
+ @retval FALSE The variable data is corrupted.\r
+\r
+**/\r
+BOOLEAN \r
+ValidateOption (\r
+ UINT8 *Variable,\r
+ UINTN VariableSize\r
+ );\r
+\r
#endif // _BDS_LIB_H_\r