diff options
| author | ydong10 <ydong10@6f19259b-4bc3-4df7-8a09-765794883524> | 2012-04-24 03:00:32 +0000 |
|---|---|---|
| committer | ydong10 <ydong10@6f19259b-4bc3-4df7-8a09-765794883524> | 2012-04-24 03:00:32 +0000 |
| commit | 28186d45660c92b8d98b8b19b5f8e6ff71ea5fba (patch) | |
| tree | 256d494851b79fcc27adb0e51586337b4a161390 /MdeModulePkg | |
| parent | 035da677c8d4967d548ae1c81fa546075463cf27 (diff) | |
| download | edk2-platforms-28186d45660c92b8d98b8b19b5f8e6ff71ea5fba.tar.xz | |
Validate some fields in PE image to make sure not access violation for later code.
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13211 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdeModulePkg')
| -rw-r--r-- | MdeModulePkg/Core/Dxe/Image/Image.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c index abafa222e7..e51a9fe174 100644 --- a/MdeModulePkg/Core/Dxe/Image/Image.c +++ b/MdeModulePkg/Core/Dxe/Image/Image.c @@ -1,7 +1,7 @@ /** @file
Core image handling services to load and unload PeImage.
-Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -232,6 +232,14 @@ CoreReadImageFile ( UINTN EndPosition;
IMAGE_FILE_HANDLE *FHand;
+ if (UserHandle == NULL || ReadSize == NULL || Buffer == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if (MAX_ADDRESS - Offset < *ReadSize) {
+ return EFI_INVALID_PARAMETER;
+ }
+
FHand = (IMAGE_FILE_HANDLE *)UserHandle;
ASSERT (FHand->Signature == IMAGE_FILE_HANDLE_SIGNATURE);
|