"3.1.1 Boot Manager Programming" in the UEFI 2.5 spec mandates that
Boot#### and similar options contain EFI_LOAD_OPTION structures. The
EFI_LOAD_OPTION structure encodes the fixed initial part of the payload,
and we can (and should) use it to enforce a minimum size for variable
contents.
This patch is meant as a safety improvement.
Cc: Jaben Carsey <jaben.carsey@intel.com>
Cc: Ryan Harkin <ryan.harkin@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19710
6f19259b-4bc3-4df7-8a09-
765794883524
CHAR16 *DevPathString;\r
VOID *DevPath;\r
UINTN Errors;\r
CHAR16 *DevPathString;\r
VOID *DevPath;\r
UINTN Errors;\r
+ EFI_LOAD_OPTION *LoadOption;\r
\r
if (OrderCount == 0) {\r
ShellPrintHiiEx(-1, -1, NULL, STRING_TOKEN(STR_BCFG_NONE), gShellBcfgHiiHandle, L"bcfg"); \r
\r
if (OrderCount == 0) {\r
ShellPrintHiiEx(-1, -1, NULL, STRING_TOKEN(STR_BCFG_NONE), gShellBcfgHiiHandle, L"bcfg"); \r
+ //\r
+ // We expect the Attributes, FilePathListLength, and L'\0'-terminated\r
+ // Description fields to be present.\r
+ //\r
+ if (BufferSize < sizeof *LoadOption + sizeof (CHAR16)) {\r
+ ShellPrintHiiEx (\r
+ -1,\r
+ -1,\r
+ NULL,\r
+ STRING_TOKEN (STR_BCFG_VAR_CORRUPT),\r
+ gShellBcfgHiiHandle,\r
+ L"bcfg",\r
+ VariableName\r
+ );\r
+ ++Errors;\r
+ goto Cleanup;\r
+ }\r
+\r
if ((*(UINT16*)(Buffer+4)) != 0) {\r
DevPath = AllocateZeroPool(*(UINT16*)(Buffer+4));\r
if (DevPath != NULL) {\r
if ((*(UINT16*)(Buffer+4)) != 0) {\r
DevPath = AllocateZeroPool(*(UINT16*)(Buffer+4));\r
if (DevPath != NULL) {\r
#string STR_GEN_OUT_MEM #language en-US "%H%s%N: Memory allocation was not successful.\r\n"\r
#string STR_BCFG_WRITE_FAIL #language en-US "%H%s%N: Unable to write to '%H%s%N'\r\n"\r
#string STR_BCFG_READ_FAIL #language en-US "%H%s%N: Unable to read from '%H%s%N'\r\n"\r
#string STR_GEN_OUT_MEM #language en-US "%H%s%N: Memory allocation was not successful.\r\n"\r
#string STR_BCFG_WRITE_FAIL #language en-US "%H%s%N: Unable to write to '%H%s%N'\r\n"\r
#string STR_BCFG_READ_FAIL #language en-US "%H%s%N: Unable to read from '%H%s%N'\r\n"\r
+#string STR_BCFG_VAR_CORRUPT #language en-US "%H%s%N: Variable '%H%s%N' corrupt.\r\n"\r
#string STR_BCFG_HANDLE #language en-US "%H%s%N: The handle [%H%02x%N] does not have DevicePath.\r\n"\r
#string STR_BCFG_FILE #language en-US "%H%s%N: The file '%H%s%N' matches multiple files.\r\n"\r
#string STR_BCFG_FILE_OPEN #language en-US "%H%s%N: The file '%H%s%N' did not open.\r\n"\r
#string STR_BCFG_HANDLE #language en-US "%H%s%N: The handle [%H%02x%N] does not have DevicePath.\r\n"\r
#string STR_BCFG_FILE #language en-US "%H%s%N: The file '%H%s%N' matches multiple files.\r\n"\r
#string STR_BCFG_FILE_OPEN #language en-US "%H%s%N: The file '%H%s%N' did not open.\r\n"\r
projects / mirror_edk2.git / commitdiff