summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjyao1 <jyao1>2014-02-12 06:04:58 +0000
committerjyao1 <jyao1@6f19259b-4bc3-4df7-8a09-765794883524>2014-02-12 06:04:58 +0000
commit2080f676df886be48f227d7bb74fd6b30b20e431 (patch)
treebd707fd048158253c322005dca326d2df9596319
parent5dc6ab16971eb237a90099ac7c496ebef3902e6a (diff)
downloadedk2-platforms-2080f676df886be48f227d7bb74fd6b30b20e431.tar.xz
Add more check for PE COFF SizeOfHeader field.
Signed-off by: jiewen yao <jiewen.yao@intel.com> reviewed by: eric dong <eric.dong@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15233 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r--MdePkg/Library/BasePeCoffLib/BasePeCoff.c26
1 files changed, 25 insertions, 1 deletions
diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
index b7ecc31715..d9e8809e55 100644
--- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
+++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
@@ -15,7 +15,7 @@
PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF header.
PeCoffLoaderGetImageInfo() routine will do basic check for whole PE/COFF image.
- Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -249,6 +249,10 @@ PeCoffLoaderGetPeHeader (
//
// 3. Check the FileHeader.NumberOfSections field.
//
+ if (Hdr.Pe32->OptionalHeader.SizeOfImage <= SectionHeaderOffset) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
if ((Hdr.Pe32->OptionalHeader.SizeOfImage - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER <= Hdr.Pe32->FileHeader.NumberOfSections) {
ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
return RETURN_UNSUPPORTED;
@@ -257,6 +261,14 @@ PeCoffLoaderGetPeHeader (
//
// 4. Check the OptionalHeader.SizeOfHeaders field.
//
+ if (Hdr.Pe32->OptionalHeader.SizeOfHeaders <= SectionHeaderOffset) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
+ if (Hdr.Pe32->OptionalHeader.SizeOfHeaders >= Hdr.Pe32->OptionalHeader.SizeOfImage) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
if ((Hdr.Pe32->OptionalHeader.SizeOfHeaders - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER < (UINT32)Hdr.Pe32->FileHeader.NumberOfSections) {
ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
return RETURN_UNSUPPORTED;
@@ -351,6 +363,10 @@ PeCoffLoaderGetPeHeader (
//
// 3. Check the FileHeader.NumberOfSections field.
//
+ if (Hdr.Pe32Plus->OptionalHeader.SizeOfImage <= SectionHeaderOffset) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
if ((Hdr.Pe32Plus->OptionalHeader.SizeOfImage - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER <= Hdr.Pe32Plus->FileHeader.NumberOfSections) {
ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
return RETURN_UNSUPPORTED;
@@ -359,6 +375,14 @@ PeCoffLoaderGetPeHeader (
//
// 4. Check the OptionalHeader.SizeOfHeaders field.
//
+ if (Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders <= SectionHeaderOffset) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
+ if (Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders >= Hdr.Pe32Plus->OptionalHeader.SizeOfImage) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
if ((Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER < (UINT32)Hdr.Pe32Plus->FileHeader.NumberOfSections) {
ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
return RETURN_UNSUPPORTED;