diff options
author | qhuang8 <qhuang8@6f19259b-4bc3-4df7-8a09-765794883524> | 2010-01-27 14:49:47 +0000 |
---|---|---|
committer | qhuang8 <qhuang8@6f19259b-4bc3-4df7-8a09-765794883524> | 2010-01-27 14:49:47 +0000 |
commit | 6dec88649aefe8c302d32871adfe791407911788 (patch) | |
tree | cb30fb49d8df2abca11041e8439418d2b5567fc5 /EdkShellBinPkg/SecurityPatch.diff | |
parent | 90f1486c8ebc891e3c69fc98d8efa372b0c4806c (diff) | |
download | edk2-platforms-6dec88649aefe8c302d32871adfe791407911788.tar.xz |
Fix a security hole in shell binaries:
For gBS->LoadImage() if the return status is EFI_SECURITY_VIOLATION, the image handle may not be NULL.
Shell environment should not have the assumption that the output ImageHandle must be NULL if the error status is returned by gBS->LoadImage().
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9838 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'EdkShellBinPkg/SecurityPatch.diff')
-rw-r--r-- | EdkShellBinPkg/SecurityPatch.diff | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/EdkShellBinPkg/SecurityPatch.diff b/EdkShellBinPkg/SecurityPatch.diff new file mode 100644 index 0000000000..01a05c065a --- /dev/null +++ b/EdkShellBinPkg/SecurityPatch.diff @@ -0,0 +1,15 @@ +Index: shellenv/exec.c
+===================================================================
+--- shellenv/exec.c (revision 36)
++++ shellenv/exec.c (working copy)
+@@ -2079,6 +2079,10 @@
+ if (!EFI_ERROR (Status)) { + goto Done; + } else { ++ // ++ // Set ImageHandle to NULL if any error status is returned. ++ // ++ ImageHandle = NULL; + Status = LibGetImageHeader ( + DevicePath, + &DosHeader, |