diff options
author | jyao1 <jyao1> | 2014-02-12 06:04:58 +0000 |
---|---|---|
committer | jyao1 <jyao1@6f19259b-4bc3-4df7-8a09-765794883524> | 2014-02-12 06:04:58 +0000 |
commit | 2080f676df886be48f227d7bb74fd6b30b20e431 (patch) | |
tree | bd707fd048158253c322005dca326d2df9596319 | |
parent | 5dc6ab16971eb237a90099ac7c496ebef3902e6a (diff) | |
download | edk2-platforms-2080f676df886be48f227d7bb74fd6b30b20e431.tar.xz |
Add more check for PE COFF SizeOfHeader field.
Signed-off by: jiewen yao <jiewen.yao@intel.com>
reviewed by: eric dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15233 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r-- | MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c index b7ecc31715..d9e8809e55 100644 --- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c @@ -15,7 +15,7 @@ PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF header.
PeCoffLoaderGetImageInfo() routine will do basic check for whole PE/COFF image.
- Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -249,6 +249,10 @@ PeCoffLoaderGetPeHeader ( //
// 3. Check the FileHeader.NumberOfSections field.
//
+ if (Hdr.Pe32->OptionalHeader.SizeOfImage <= SectionHeaderOffset) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
if ((Hdr.Pe32->OptionalHeader.SizeOfImage - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER <= Hdr.Pe32->FileHeader.NumberOfSections) {
ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
return RETURN_UNSUPPORTED;
@@ -257,6 +261,14 @@ PeCoffLoaderGetPeHeader ( //
// 4. Check the OptionalHeader.SizeOfHeaders field.
//
+ if (Hdr.Pe32->OptionalHeader.SizeOfHeaders <= SectionHeaderOffset) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
+ if (Hdr.Pe32->OptionalHeader.SizeOfHeaders >= Hdr.Pe32->OptionalHeader.SizeOfImage) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
if ((Hdr.Pe32->OptionalHeader.SizeOfHeaders - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER < (UINT32)Hdr.Pe32->FileHeader.NumberOfSections) {
ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
return RETURN_UNSUPPORTED;
@@ -351,6 +363,10 @@ PeCoffLoaderGetPeHeader ( //
// 3. Check the FileHeader.NumberOfSections field.
//
+ if (Hdr.Pe32Plus->OptionalHeader.SizeOfImage <= SectionHeaderOffset) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
if ((Hdr.Pe32Plus->OptionalHeader.SizeOfImage - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER <= Hdr.Pe32Plus->FileHeader.NumberOfSections) {
ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
return RETURN_UNSUPPORTED;
@@ -359,6 +375,14 @@ PeCoffLoaderGetPeHeader ( //
// 4. Check the OptionalHeader.SizeOfHeaders field.
//
+ if (Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders <= SectionHeaderOffset) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
+ if (Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders >= Hdr.Pe32Plus->OptionalHeader.SizeOfImage) {
+ ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
+ return RETURN_UNSUPPORTED;
+ }
if ((Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER < (UINT32)Hdr.Pe32Plus->FileHeader.NumberOfSections) {
ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED;
return RETURN_UNSUPPORTED;
|