diff options
| author | mdkinney <mdkinney@6f19259b-4bc3-4df7-8a09-765794883524> | 2006-11-29 03:05:46 +0000 |
|---|---|---|
| committer | mdkinney <mdkinney@6f19259b-4bc3-4df7-8a09-765794883524> | 2006-11-29 03:05:46 +0000 |
| commit | 838c84ec7e27c4da5f56322791126b8fcacdafd7 (patch) | |
| tree | dca33e795a9e6b1d4a9f22361a7d2edc0fed1a71 /EdkModulePkg | |
| parent | 8572fea91ce555d84e845c63c923e468ce12a1a4 (diff) | |
| download | edk2-platforms-838c84ec7e27c4da5f56322791126b8fcacdafd7.tar.xz | |
1) Fix buffer overflow in JUMP_BUFFER in the DXE Core StartImage()
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@2035 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'EdkModulePkg')
| -rw-r--r-- | EdkModulePkg/Core/Dxe/Image/Image.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/EdkModulePkg/Core/Dxe/Image/Image.c b/EdkModulePkg/Core/Dxe/Image/Image.c index 9d585a94ea..a71c6f643a 100644 --- a/EdkModulePkg/Core/Dxe/Image/Image.c +++ b/EdkModulePkg/Core/Dxe/Image/Image.c @@ -953,12 +953,12 @@ Returns: // JumpContext must be aligned on a CPU specific boundary.
// Overallocate the buffer and force the required alignment
//
- Image->JumpBuffer = CoreAllocateBootServicesPool (sizeof (*Image->JumpContext) + BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT);
+ Image->JumpBuffer = CoreAllocateBootServicesPool (sizeof (BASE_LIBRARY_JUMP_BUFFER) + BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT);
if (Image->JumpBuffer == NULL) {
PERF_END (ImageHandle, START_IMAGE_TOK, NULL, 0);
return EFI_OUT_OF_RESOURCES;
}
- Image->JumpContext = (VOID *)((UINTN)(ALIGN_POINTER (Image->JumpBuffer, BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT)) + BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT);
+ Image->JumpContext = ALIGN_POINTER (Image->JumpBuffer, BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT);
SetJumpFlag = SetJump (Image->JumpContext);
//
|