From dc204d5a0fd64d1ccbc90ebea827e7ad73b71f4d Mon Sep 17 00:00:00 2001 From: jyao1 Date: Tue, 12 Jun 2012 08:28:43 +0000 Subject: Add comment for modules which have external input. signed-off-by: jiewen.yao@intel.com reviewed-by: guo.dong@intel.com reviewed-by: ting.ye@intel.com reviewed-by: liming.gao@intel.com reviewed-by: elvin.li@intel.com git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524 --- MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 22 ++++++++++++++++++++-- MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf | 7 ++++++- 2 files changed, 26 insertions(+), 3 deletions(-) (limited to 'MdePkg/Library') diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c index e44f04c799..71089bbb0d 100644 --- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c @@ -2,6 +2,19 @@ Base PE/COFF loader supports loading any PE32/PE32+ or TE image, but only supports relocating IA32, x64, IPF, and EBC images. + Caution: This file requires additional review when modified. + This library will have external input - PE/COFF image. + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + The basic guideline is that caller need provide ImageContext->ImageRead () with the + necessary data range check, to make sure when this library reads PE/COFF image, the + PE image buffer is always in valid range. + This library will also do some additional check for PE header fields. + + PeCoffLoaderGetPeHeader() routine will do basic check for PE/COFF header. + PeCoffLoaderGetImageInfo() routine will do basic check for whole PE/COFF image. + Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.
Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
This program and the accompanying materials @@ -48,7 +61,10 @@ PeCoffLoaderGetPeHeaderMagicValue ( /** Retrieves the PE or TE Header from a PE/COFF or TE image. - Also done many checks in PE image to make sure PE image DosHeader, PeOptionHeader, + + Caution: This function may receive untrusted input. + PE/COFF image is external input, so this routine will + also done many checks in PE image to make sure PE image DosHeader, PeOptionHeader, SizeOfHeader, Section Data Region and Security Data Region be in PE image range. @param ImageContext The context of the image being loaded. @@ -376,7 +392,9 @@ PeCoffLoaderGetPeHeader ( The ImageRead and Handle fields of ImageContext structure must be valid prior to invoking this service. - Also done many checks in PE image to make sure PE image DosHeader, PeOptionHeader, + Caution: This function may receive untrusted input. + PE/COFF image is external input, so this routine will + also done many checks in PE image to make sure PE image DosHeader, PeOptionHeader, SizeOfHeader, Section Data Region and Security Data Region be in PE image range. @param ImageContext The pointer to the image context structure that describes the PE/COFF diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf b/MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf index 45fdc2196d..470ae88406 100644 --- a/MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf @@ -4,7 +4,12 @@ # The IA32 version library support loading IA32, X64 and EBC PE/COFF images. # The X64 version library support loading IA32, X64 and EBC PE/COFF images. # -# Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.
+# Caution: This module requires additional review when modified. +# This library will have external input - PE/COFF image. +# This external input must be validated carefully to avoid security issue like +# buffer overflow, integer overflow. +# +# Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.
# Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.
# # This program and the accompanying materials -- cgit v1.2.3