From dc204d5a0fd64d1ccbc90ebea827e7ad73b71f4d Mon Sep 17 00:00:00 2001 From: jyao1 Date: Tue, 12 Jun 2012 08:28:43 +0000 Subject: Add comment for modules which have external input. signed-off-by: jiewen.yao@intel.com reviewed-by: guo.dong@intel.com reviewed-by: ting.ye@intel.com reviewed-by: liming.gao@intel.com reviewed-by: elvin.li@intel.com git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524 --- MdeModulePkg/Universal/CapsulePei/CapsulePei.inf | 7 ++++++- MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf | 5 +++++ MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c | 12 ++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) (limited to 'MdeModulePkg/Universal/CapsulePei') diff --git a/MdeModulePkg/Universal/CapsulePei/CapsulePei.inf b/MdeModulePkg/Universal/CapsulePei/CapsulePei.inf index 8f9ebfb8ba..8f96d9ec8a 100644 --- a/MdeModulePkg/Universal/CapsulePei/CapsulePei.inf +++ b/MdeModulePkg/Universal/CapsulePei/CapsulePei.inf @@ -3,7 +3,12 @@ # # Capsule update module supports EFI and UEFI. # -# Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.
+# Caution: This module requires additional review when modified. +# This driver will have external input - capsule image. +# This external input must be validated carefully to avoid security issue like +# buffer overflow, integer overflow. +# +# Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.
# # This program and the accompanying materials # are licensed and made available under the terms and conditions diff --git a/MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf b/MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf index 6242cc69d0..1c155ce5f3 100644 --- a/MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf +++ b/MdeModulePkg/Universal/CapsulePei/CapsuleX64.inf @@ -4,6 +4,11 @@ # The X64 entrypoint to process capsule in long mode. # This module is built as X64. # +# Caution: This module requires additional review when modified. +# This driver will have external input - capsule image. +# This external input must be validated carefully to avoid security issue like +# buffer overflow, integer overflow. +# # Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.
# # This program and the accompanying materials diff --git a/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c b/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c index 32b7dccec8..7ed15ef2af 100644 --- a/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c +++ b/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c @@ -1,6 +1,14 @@ /** @file The logic to process capsule. + Caution: This module requires additional review when modified. + This driver will have external input - capsule image. + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + CapsuleDataCoalesce() will do basic validation before coalesce capsule data + into memory. + Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -792,6 +800,10 @@ BuildCapsuleDescriptors ( | PrivateDataDesc 0 | MemBase ---->+---------------------------+<----- BlockList + Caution: This function may receive untrusted input. + The capsule data is external input, so this routine will do basic validation before + coalesce capsule data into memory. + @param PeiServices General purpose services available to every PEIM. @param BlockListBuffer Point to the buffer of Capsule Descriptor Variables. @param MemoryBase Pointer to the base of a block of memory that we can walk -- cgit v1.2.3