From 969ece79f161fb4ddcb2b370af7975a66b8f58e7 Mon Sep 17 00:00:00 2001 From: oliviermartin Date: Mon, 15 Aug 2011 16:06:53 +0000 Subject: EmbeddedPkg/MmcDxe: Improved parameters checking Ensure the passed parameters are correct. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12129 6f19259b-4bc3-4df7-8a09-765794883524 --- EmbeddedPkg/Universal/MmcDxe/MmcBlockIo.c | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) (limited to 'EmbeddedPkg/Universal/MmcDxe') diff --git a/EmbeddedPkg/Universal/MmcDxe/MmcBlockIo.c b/EmbeddedPkg/Universal/MmcDxe/MmcBlockIo.c index cd04369652..887cb96a16 100644 --- a/EmbeddedPkg/Universal/MmcDxe/MmcBlockIo.c +++ b/EmbeddedPkg/Universal/MmcDxe/MmcBlockIo.c @@ -424,7 +424,7 @@ MmcIoBlocks ( UINT32 Response[4]; EFI_STATUS Status; UINTN CardSize, NumBlocks, BlockSize, CmdArg; - UINTN Timeout; + INTN Timeout; UINTN Cmd; MMC_HOST_INSTANCE *MmcHostInstance; EFI_MMC_HOST_PROTOCOL *MmcHost; @@ -436,7 +436,7 @@ MmcIoBlocks ( MmcHost = MmcHostInstance->MmcHost; ASSERT(MmcHost); - if (MmcHost == 0) { + if ((MmcHost == 0)|| (Buffer == NULL)) { return EFI_INVALID_PARAMETER; } @@ -445,7 +445,7 @@ MmcIoBlocks ( return EFI_NO_MEDIA; } - // If the driver has not been initialized yet then go into Iddentification Mode + // If the driver has not been initialized yet then go into Identification Mode if (MmcHostInstance->State == MmcHwInitializationState) { MmcIdentificationMode (MmcHostInstance); @@ -508,14 +508,24 @@ MmcIoBlocks ( } } - if (Lba > This->Media->LastBlock) { - ASSERT(0); - return EFI_INVALID_PARAMETER; + // All blocks must be within the device + if ((Lba + (BufferSize / This->Media->BlockSize)) > (This->Media->LastBlock + 1)){ + ASSERT(0); + return EFI_INVALID_PARAMETER; } - if ((BufferSize % This->Media->BlockSize) != 0) { - ASSERT(0); - return EFI_BAD_BUFFER_SIZE; + // The buffer size must not be zero and it must be an exact multiple of the block size + if ((BufferSize == 0) || ((BufferSize % This->Media->BlockSize) != 0)) { + ASSERT(0); + return EFI_BAD_BUFFER_SIZE; + } + + if (This->Media->MediaId != MediaId) { + return EFI_MEDIA_CHANGED; + } + + if((Transfer == MMC_IOBLOCKS_WRITE) && (This->Media->ReadOnly == TRUE)) { + return EFI_WRITE_PROTECTED; } BytesRemainingToBeTransfered = BufferSize; -- cgit v1.2.3