From 4d832aabbf0e917d1e66e78f3954d4bd46aa50e0 Mon Sep 17 00:00:00 2001 From: oliviermartin Date: Tue, 13 Dec 2011 09:42:36 +0000 Subject: SecurityPkg/VariableAuthenticated: Check if there is a NV Variable Storage header prior to use its attributes The Variable PEI and RuntimeDxe drivers were using the attribute 'HeaderLength' of EFI_FIRMWARE_VOLUME_HEADER without checking if a Firmware Volume Header was existing at the base address. In case the Firmware Volume Header does not exist or is corrupted, the attribute 'HeaderLength' is a non valid value that can lead to a non valid physical address when accessing produces an access error. Signed-off-by: oliviermartin Reviewed-by: rsun3 Reviewed-by: niruiyu git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12845 6f19259b-4bc3-4df7-8a09-765794883524 --- SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h | 1 + 1 file changed, 1 insertion(+) (limited to 'SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h') diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h index 91c7b4aac0..58d1e5a8cd 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h @@ -39,6 +39,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include #include +#include #define VARIABLE_RECLAIM_THRESHOLD (1024) -- cgit v1.2.3