Diffstat (limited to 'MdeModulePkg')
-rw-r--r--MdeModulePkg/Universal/CapsulePei/CapsulePei.inf7
-rw-r--r--MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf5
-rw-r--r--MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c12
-rw-r--r--MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c42
-rw-r--r--MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf9
5 files changed, 66 insertions, 9 deletions
diff --git a/MdeModulePkg/Universal/CapsulePei/CapsulePei.inf b/MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
index 8f9ebfb8ba..8f96d9ec8a 100644
--- a/MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
+++ b/MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
@@ -3,7 +3,12 @@
#
# Capsule update module supports EFI and UEFI.
#
-# Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+# Caution: This module requires additional review when modified.
+# This driver will have external input - capsule image.
+# This external input must be validated carefully to avoid security issue like
+# buffer overflow, integer overflow.
+#
+# Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions
diff --git a/MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf b/MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf
index 6242cc69d0..1c155ce5f3 100644
--- a/MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf
+++ b/MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf
@@ -4,6 +4,11 @@
# The X64 entrypoint to process capsule in long mode.
# This module is built as X64.
#
+# Caution: This module requires additional review when modified.
+# This driver will have external input - capsule image.
+# This external input must be validated carefully to avoid security issue like
+# buffer overflow, integer overflow.
+#
# Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials
diff --git a/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c b/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c
index 32b7dccec8..7ed15ef2af 100644
--- a/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c
+++ b/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c
@@ -1,6 +1,14 @@
/** @file
The logic to process capsule.
+ Caution: This module requires additional review when modified.
+ This driver will have external input - capsule image.
+ This external input must be validated carefully to avoid security issue like
+ buffer overflow, integer overflow.
+
+ CapsuleDataCoalesce() will do basic validation before coalesce capsule data
+ into memory.
+
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -792,6 +800,10 @@ BuildCapsuleDescriptors (
| PrivateDataDesc 0 |
MemBase ---->+---------------------------+<----- BlockList
+ Caution: This function may receive untrusted input.
+ The capsule data is external input, so this routine will do basic validation before
+ coalesce capsule data into memory.
+
@param PeiServices General purpose services available to every PEIM.
@param BlockListBuffer Point to the buffer of Capsule Descriptor Variables.
@param MemoryBase Pointer to the base of a block of memory that we can walk
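Review bot: The added caution says this routine "will do basic validation" but does not state which properties of the capsule data are checked or what is returned when a check fails, so a later maintainer cannot tell from the comment which guarantees must be preserved. Since the commit changes no code here, consider spelling the contract out, for example `Validation covers: <checks performed, to be filled in from the implementation>; returns <status> when a check fails.` The same unspecific wording is used in the Gpt.c hunks at `@@ -19,6 +30,10 @@`, `@@ -77,8 +92,11 @@`, `@@ -158,6 +176,11 @@`, `@@ -411,7 +434,11 @@` and `@@ -640,8 +667,11 @@`. The rest of the function comment and the function body are outside this hunk.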
diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
index 6caec01a6c..a3910041a3 100644
--- a/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
+++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Gpt.c
@@ -2,7 +2,18 @@
Decode a hard disk partitioned with the GPT scheme in the UEFI 2.0
specification.
-Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+ Caution: This file requires additional review when modified.
+ This driver will have external input - disk partition.
+ This external input must be validated carefully to avoid security issue like
+ buffer overflow, integer overflow.
+
+ PartitionInstallGptChildHandles() routine will read disk partition content and
+ do basic validation before PartitionInstallChildHandle().
+
+ PartitionValidGptTable(), PartitionCheckGptEntry() routine will accept disk
+ partition content and validate the GPT table and GPT entry.
+
+Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -19,6 +30,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
/**
Install child handles if the Handle supports GPT partition structure.
+ Caution: This function may receive untrusted input.
+ The GPT partition table header is external input, so this routine
+ will do basic validation for GPT partition table header before return.
+
@param[in] BlockIo Parent BlockIo interface.
@param[in] DiskIo Disk Io protocol.
@param[in] Lba The starting Lba of the Partition Table
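Review bot: The summary line `Install child handles if the Handle supports GPT partition structure.` is left unchanged on this declaration, although its parameters (BlockIo, DiskIo, Lba) and the added caution about validating the GPT partition table header "before return" describe a header-reading routine. The hunk at `@@ -411,7 +434,11 @@` replaces the same stale summary with `This routine will read GPT partition table header and return it.`, and the same replacement should be made here so that both comments agree. The rest of the comment and the prototype are outside this hunk.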
@@ -77,8 +92,11 @@ PartitionRestoreGptTable (
/**
- Restore Partition Table to its alternate place.
- (Primary -> Backup or Backup -> Primary)
+ This routine will check GPT partition entry and return entry status.
+
+ Caution: This function may receive untrusted input.
+ The GPT partition entry is external input, so this routine
+ will do basic validation for GPT partition entry and report status.
@param[in] PartHeader Partition table header structure
@param[in] PartEntry The partition entry array
@@ -158,6 +176,11 @@ PartitionSetCrc (
/**
Install child handles if the Handle supports GPT partition structure.
+ Caution: This function may receive untrusted input.
+ The GPT partition table is external input, so this routine
+ will do basic validation for GPT partition table before install
+ child handle for each GPT partition.
+
@param[in] This Calling context.
@param[in] Handle Parent Handle.
@param[in] DiskIo Parent DiskIo interface.
@@ -411,7 +434,11 @@ Done:
}
/**
- Install child handles if the Handle supports GPT partition structure.
+ This routine will read GPT partition table header and return it.
+
+ Caution: This function may receive untrusted input.
+ The GPT partition table header is external input, so this routine
+ will do basic validation for GPT partition table header before return.
@param[in] BlockIo Parent BlockIo interface.
@param[in] DiskIo Disk Io protocol.
@@ -640,8 +667,11 @@ Done:
}
/**
- Restore Partition Table to its alternate place.
- (Primary -> Backup or Backup -> Primary)
+ This routine will check GPT partition entry and return entry status.
+
+ Caution: This function may receive untrusted input.
+ The GPT partition entry is external input, so this routine
+ will do basic validation for GPT partition entry and report status.
@param[in] PartHeader Partition table header structure
@param[in] PartEntry The partition entry array
diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf b/MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
index cf5090fb7c..aac20a13b1 100644
--- a/MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
+++ b/MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
@@ -6,8 +6,13 @@
# the bytes from Start to End of the Parent Block I/O device.
# The partition of physical BlockIo device supported is one of legacy MBR, GPT,
# and "El Torito" partitions.
-#
-# Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+#
+# Caution: This module requires additional review when modified.
+# This driver will have external input - disk partition.
+# This external input must be validated carefully to avoid security issue like
+# buffer overflow, integer overflow.
+#
+# Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
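Review bot: The caution added here covers the whole module, and the header text just above it says the module handles legacy MBR, GPT and "El Torito" partitions, yet the diffstat shows that only Gpt.c receives function-level "may receive untrusted input" annotations. The MBR and El Torito parsing code presumably reads the same external disk content, so anyone modifying those files gets no marker at the function level. Consider annotating them in the same way, or adding a line such as `# The same applies to the MBR and El Torito parsing code in this module.` to this header.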