From ca5a7d87e372ad8897881a543cb3e2beb8b1ec01 Mon Sep 17 00:00:00 2001 From: sfu5 Date: Thu, 21 Feb 2013 01:35:22 +0000 Subject: [PATCH] Add error handling code to prevent variable store corruption in release build. Signed-off-by: Fu Siyuan Reviewed-by: Ye Ting Reviewed-by: Dong Guo git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14139 6f19259b-4bc3-4df7-8a09-765794883524 --- .../RuntimeDxe/AuthService.c | 7 ++++ .../RuntimeDxe/Variable.c | 35 +++++++++++-------- .../RuntimeDxe/Variable.h | 29 +++++++-------- 3 files changed, 43 insertions(+), 28 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c index 8552d31b25..6f8808a756 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c @@ -445,6 +445,10 @@ AddPubKeyInStore ( FALSE ); ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status)) { + return 0; + } + // // Check whether the public key entry does exist. // @@ -492,6 +496,9 @@ AddPubKeyInStore ( FALSE ); ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status)) { + return 0; + } DataSize = DataSizeOfVariable (Variable.CurrPtr); Data = GetVariableDataPtr (Variable.CurrPtr); diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c index ce4f6e813e..10915e45b0 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c 
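Review bot: In AuthService.c, both added `if (EFI_ERROR (Status)) { return 0; }` checks in AddPubKeyInStore make 0 the failure result, but nothing visible in either hunk documents 0 as "no valid key index"; the function's header and its callers lie outside the hunks. If a caller stored the returned value as a variable's PubKeyIndex without rejecting 0, a failure here would associate that variable with the wrong key entry, so the contract is worth stating in the function header (`@return 0 The public key could not be added.`) and confirming at each call site. A one-line comment above each check, e.g. `// ASSERT_EFI_ERROR() is removed in release builds; do not use Variable.CurrPtr after a failed call.`, would also explain why the test repeats the ASSERT. The same note applies to the second hunk (`@@ -492,6 +496,9 @@`), where `DataSizeOfVariable (Variable.CurrPtr)` follows the check directly.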
@@ -651,27 +651,28 @@ PubKeyStoreFilter ( If ReclaimPubKeyStore is TRUE, reclaim invalid key in public key database and update the PubKeyIndex for all the count-based authenticate variable in NV storage. - @param[in] VariableBase Base address of variable store. - @param[out] LastVariableOffset Offset of last variable. - @param[in] IsVolatile The variable store is volatile or not; - if it is non-volatile, need FTW. - @param[in, out] UpdatingPtrTrack Pointer to updating variable pointer track structure. - @param[in] ReclaimPubKeyStore Reclaim for public key database or not. - @param[in] ReclaimAnyway If TRUE, do reclaim anyway. + @param[in] VariableBase Base address of variable store. + @param[out] LastVariableOffset Offset of last variable. + @param[in] IsVolatile The variable store is volatile or not; + if it is non-volatile, need FTW. + @param[in, out] UpdatingPtrTrack Pointer to updating variable pointer track structure. + @param[in] ReclaimPubKeyStore Reclaim for public key database or not. + @param[in] ReclaimAnyway If TRUE, do reclaim anyway. - @return EFI_OUT_OF_RESOURCES No enough memory resources. @return EFI_SUCCESS Reclaim operation has finished successfully. + @return EFI_OUT_OF_RESOURCES No enough memory resources. + @return EFI_DEVICE_ERROR The public key database doesn't exist. @return Others Unexpect error happened during reclaim operation. **/ EFI_STATUS Reclaim ( - IN EFI_PHYSICAL_ADDRESS VariableBase, - OUT UINTN *LastVariableOffset, - IN BOOLEAN IsVolatile, - IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack, - IN BOOLEAN ReclaimPubKeyStore, - IN BOOLEAN ReclaimAnyway + IN EFI_PHYSICAL_ADDRESS VariableBase, + OUT UINTN *LastVariableOffset, + IN BOOLEAN IsVolatile, + IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack, + IN BOOLEAN ReclaimPubKeyStore, + IN BOOLEAN ReclaimAnyway ) { VARIABLE_HEADER *Variable; 
@@ -809,6 +810,12 @@ Reclaim ( // Reinstall the new public key database. // ASSERT (PubKeyHeader != NULL); + if (PubKeyHeader == NULL) { + FreePool (ValidBuffer); + FreePool (NewPubKeyIndex); + FreePool (NewPubKeyStore); + return EFI_DEVICE_ERROR; + } CopyMem (CurrPtr, (UINT8*) PubKeyHeader, sizeof (VARIABLE_HEADER)); Variable = (VARIABLE_HEADER*) CurrPtr; Variable->DataSize = NewPubKeySize; diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h index 8e292f36b2..4501583648 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h 
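Review bot: The new `PubKeyHeader == NULL` path in Variable.c repeats three `FreePool()` calls by hand, and whether `NewPubKeyIndex` and `NewPubKeyStore` are always allocated at this point cannot be confirmed from the hunk, because Reclaim's body starts and ends outside it. If Reclaim already has a common exit that releases these buffers, setting the status to `EFI_DEVICE_ERROR` and leaving through that exit would stop this release-build path from drifting when another allocation is added. A short comment above the check would also help, e.g. `// ASSERT() is removed in release builds; stop before CopyMem() reads through a NULL PubKeyHeader.` Callers presumably need to treat this status as "store not reclaimed" and should not rely on `*LastVariableOffset` afterwards; that is worth confirming at the call sites.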
@@ -381,27 +381,28 @@ VariableCommonInitialize ( If ReclaimPubKeyStore is TRUE, reclaim invalid key in public key database and update the PubKeyIndex for all the count-based authenticate variable in NV storage. - @param[in] VariableBase Base address of variable store. - @param[out] LastVariableOffset Offset of last variable. - @param[in] IsVolatile The variable store is volatile or not; - if it is non-volatile, need FTW. - @param[in, out] UpdatingPtrTrack Pointer to updating variable pointer track structure. - @param[in] ReclaimPubKeyStore Reclaim for public key database or not. - @param[in] ReclaimAnyway If TRUE, do reclaim anyway. + @param[in] VariableBase Base address of variable store. + @param[out] LastVariableOffset Offset of last variable. + @param[in] IsVolatile The variable store is volatile or not; + if it is non-volatile, need FTW. + @param[in, out] UpdatingPtrTrack Pointer to updating variable pointer track structure. + @param[in] ReclaimPubKeyStore Reclaim for public key database or not. + @param[in] ReclaimAnyway If TRUE, do reclaim anyway. - @return EFI_OUT_OF_RESOURCES No enough memory resources. @return EFI_SUCCESS Reclaim operation has finished successfully. + @return EFI_OUT_OF_RESOURCES No enough memory resources. + @return EFI_DEVICE_ERROR The public key database doesn't exist. @return Others Unexpect error happened during reclaim operation. **/ EFI_STATUS Reclaim ( - IN EFI_PHYSICAL_ADDRESS VariableBase, - OUT UINTN *LastVariableOffset, - IN BOOLEAN IsVolatile, - IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack, - IN BOOLEAN ReclaimPubKeyStore, - IN BOOLEAN ReclaimAnyway + IN EFI_PHYSICAL_ADDRESS VariableBase, + OUT UINTN *LastVariableOffset, + IN BOOLEAN IsVolatile, + IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack, + IN BOOLEAN ReclaimPubKeyStore, + IN BOOLEAN ReclaimAnyway ); /** -- 2.39.2