diff options
| author | qhuang8 <qhuang8@6f19259b-4bc3-4df7-8a09-765794883524> | 2010-01-27 14:49:47 +0000 |
|---|---|---|
| committer | qhuang8 <qhuang8@6f19259b-4bc3-4df7-8a09-765794883524> | 2010-01-27 14:49:47 +0000 |
| commit | 6dec88649aefe8c302d32871adfe791407911788 (patch) | |
| tree | cb30fb49d8df2abca11041e8439418d2b5567fc5 /EdkShellBinPkg/ReadMe.txt | |
| parent | 90f1486c8ebc891e3c69fc98d8efa372b0c4806c (diff) | |
| download | edk2-platforms-6dec88649aefe8c302d32871adfe791407911788.tar.xz | |
Fix a security hole in shell binaries:
For gBS->LoadImage() if the return status is EFI_SECURITY_VIOLATION, the image handle may not be NULL.
Shell environment should not have the assumption that the output ImageHandle must be NULL if the error status is returned by gBS->LoadImage().
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9838 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'EdkShellBinPkg/ReadMe.txt')
| -rw-r--r-- | EdkShellBinPkg/ReadMe.txt | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/EdkShellBinPkg/ReadMe.txt b/EdkShellBinPkg/ReadMe.txt index e4a2e335d8..75a2f60cd5 100644 --- a/EdkShellBinPkg/ReadMe.txt +++ b/EdkShellBinPkg/ReadMe.txt @@ -1,10 +1,11 @@ -The binaries of EdkShellBinPkg are generated with Efi-Shell-Dev-Snapshot-20091214.zip and build with Edk Compatibility & BaseTools Package
+The binaries of EdkShellBinPkg are generated with Efi-Shell-Dev-Snapshot-20091214.zip (plus a security hot-fix see EdkShellbinPkg\SecurityPatch.diff) and build with Edk Compatibility & BaseTools Package
(r9623)
The following steps can help to re-generate these binaries for customization:
1. Check out EdkCompatibilityPkg (r9623) to $(WORKSPACE)\EdkCompatibilityPkg (svn https://edk2.tianocore.org/svn/edk2/trunk/edk2/EdkCompatibilityPkg).
2. Check out EdkShellPkg(r9623) to $(WORKSPACE)\EdkShellPkg (svn https://edk2.tianocore.org/svn/edk2/trunk/edk2/EdkShellPkg).
-3 Check out Edk Shell project source (r36) to $(WORKSPACE) (svn https://efi-shell.tianocore.org/svn/efi-shell/trunk/Shell). It is read-only and current revison (r36) is identical to Efi-Shell-Dev-Snapshot-20091214.zip.
+3a.Check out Edk Shell project source (r36) to $(WORKSPACE) (svn https://efi-shell.tianocore.org/svn/efi-shell/trunk/Shell). It is read-only and current revison (r36) is identical to Efi-Shell-Dev-Snapshot-20091214.zip.
+3b.Apply the security hot fix in EdkShellBinPkg\SecurityPatch.diff to patch in Shell\shellenv\exec.c
4. Update to the newest BaseTools package. (r9623 or later)
5. Under workspace directory (i.e. c:\EdkII),
To generate Minimum Shell, execute: "build -a IA32 -a X64 -a IPF -p EdkShellPkg\EdkShellPkg.dsc -m EdkShellPkg\Shell\Shell.inf"
|