summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArd Biesheuvel <ard.biesheuvel@linaro.org>2015-05-05 15:51:44 +0000
committeroliviermartin <oliviermartin@Edk2>2015-05-05 15:51:44 +0000
commite1455b04126ce034301c81c0665d221af14464c6 (patch)
treefd4a9c28e2984d728f6021281d8b73622483bd86
parent5a44a766b597e4c9960ac1936e6d18001c5e7ce2 (diff)
downloadedk2-platforms-e1455b04126ce034301c81c0665d221af14464c6.tar.xz
EmbeddedPkg: do not ASSERT() on valid external input
Since ASSERT()s are enabled even on all ArmPlatformPkg RELEASE builds, ASSERT()ing on a valid FDT header will crash the firmware if the user selects an incorrect file. Since ASSERT() is meant to catch internal inconsistencies in the firmware, its use here is inappropriate. Instead, handle it as a normal error condition. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Olivier Martin <olivier.martin@arm.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17309 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r--EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatform.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatform.c b/EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatform.c
index b6f5c3e58d..fb2ae6071a 100644
--- a/EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatform.c
+++ b/EmbeddedPkg/Drivers/FdtPlatformDxe/FdtPlatform.c
@@ -94,15 +94,16 @@ InstallFdt (
goto Error;
}
- // Check the FDT header is valid. We only make this check in DEBUG mode in
- // case the FDT header change on production device and this ASSERT() becomes
- // not valid.
- ASSERT (fdt_check_header ((VOID*)(UINTN)FdtBlobBase) == 0);
-
//
- // Ensure the Size of the Device Tree is smaller than the size of the read file
+ // Ensure that the FDT header is valid and that the Size of the Device Tree
+ // is smaller than the size of the read file
//
- ASSERT ((UINTN)fdt_totalsize ((VOID*)(UINTN)FdtBlobBase) <= FdtBlobSize);
+ if (fdt_check_header ((VOID*)(UINTN)FdtBlobBase) != 0 ||
+ (UINTN)fdt_totalsize ((VOID*)(UINTN)FdtBlobBase) > FdtBlobSize) {
+ DEBUG ((EFI_D_ERROR, "InstallFdt() - loaded FDT binary image seems corrupt\n"));
+ Status = EFI_LOAD_ERROR;
+ goto Error;
+ }
//
// Store the FDT as Runtime Service Data to prevent the Kernel from