|
|
189790d |
From d3a9d4e8404e0f402fb371066f0e405ed3cecc29 Mon Sep 17 00:00:00 2001
|
|
|
189790d |
From: Matthew Garrett <mjg@redhat.com>
|
|
|
189790d |
Date: Tue, 14 Aug 2012 06:50:00 -0400
|
|
|
189790d |
Subject: [PATCH] Use the file size, not the image size field, for
|
|
|
189790d |
verification.
|
|
|
189790d |
|
|
|
189790d |
---
|
|
|
189790d |
shim.c | 11 ++++++-----
|
|
|
189790d |
1 file changed, 6 insertions(+), 5 deletions(-)
|
|
|
189790d |
|
|
|
d9982da |
diff --git a/shim.c b/shim.c
|
|
|
189790d |
index 2d9044d..6a3c054 100644
|
|
|
d9982da |
--- a/shim.c
|
|
|
d9982da |
+++ b/shim.c
|
|
|
d9982da |
@@ -555,7 +555,7 @@ done:
|
|
|
d9982da |
/*
|
|
|
d9982da |
* Read the binary header and grab appropriate information from it
|
|
|
d9982da |
*/
|
|
|
d9982da |
-static EFI_STATUS read_header(void *data,
|
|
|
d9982da |
+static EFI_STATUS read_header(void *data, unsigned int datasize,
|
|
|
d9982da |
PE_COFF_LOADER_IMAGE_CONTEXT *context)
|
|
|
d9982da |
{
|
|
|
d9982da |
EFI_IMAGE_DOS_HEADER *DosHdr = data;
|
|
|
d9982da |
@@ -590,7 +590,7 @@ static EFI_STATUS read_header(void *data,
|
|
|
d9982da |
context->FirstSection = (EFI_IMAGE_SECTION_HEADER *)((char *)PEHdr + PEHdr->Pe32.FileHeader.SizeOfOptionalHeader + sizeof(UINT32) + sizeof(EFI_IMAGE_FILE_HEADER));
|
|
|
d9982da |
context->SecDir = (EFI_IMAGE_DATA_DIRECTORY *) &PEHdr->Pe32Plus.OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY];
|
|
|
d9982da |
|
|
|
d9982da |
- if (context->SecDir->VirtualAddress >= context->ImageSize) {
|
|
|
d9982da |
+ if (context->SecDir->VirtualAddress >= datasize) {
|
|
|
d9982da |
Print(L"Malformed security header\n");
|
|
|
d9982da |
return EFI_INVALID_PARAMETER;
|
|
|
d9982da |
}
|
|
|
d9982da |
@@ -606,7 +606,8 @@ static EFI_STATUS read_header(void *data,
|
|
|
d9982da |
/*
|
|
|
d9982da |
* Once the image has been loaded it needs to be validated and relocated
|
|
|
d9982da |
*/
|
|
|
d9982da |
-static EFI_STATUS handle_grub (void *data, int datasize, EFI_LOADED_IMAGE *li)
|
|
|
d9982da |
+static EFI_STATUS handle_grub (void *data, unsigned int datasize,
|
|
|
d9982da |
+ EFI_LOADED_IMAGE *li)
|
|
|
d9982da |
{
|
|
|
d9982da |
EFI_STATUS efi_status;
|
|
|
d9982da |
char *buffer;
|
|
|
d9982da |
@@ -615,7 +616,7 @@ static EFI_STATUS handle_grub (void *data, int datasize, EFI_LOADED_IMAGE *li)
|
|
|
d9982da |
char *base, *end;
|
|
|
d9982da |
PE_COFF_LOADER_IMAGE_CONTEXT context;
|
|
|
d9982da |
|
|
|
d9982da |
- efi_status = read_header(data, &context);
|
|
|
d9982da |
+ efi_status = read_header(data, datasize, &context);
|
|
|
d9982da |
if (efi_status != EFI_SUCCESS) {
|
|
|
d9982da |
Print(L"Failed to read header\n");
|
|
|
d9982da |
return efi_status;
|
|
|
d9982da |
@@ -843,7 +844,7 @@ EFI_STATUS shim_verify (void *buffer, UINT32 size)
|
|
|
d9982da |
if (!secure_mode())
|
|
|
d9982da |
return EFI_SUCCESS;
|
|
|
d9982da |
|
|
|
d9982da |
- status = read_header(buffer, &context);
|
|
|
d9982da |
+ status = read_header(buffer, size, &context);
|
|
|
d9982da |
|
|
|
d9982da |
if (status != EFI_SUCCESS)
|
|
|
d9982da |
return status;
|
|
|
189790d |
--
|
|
|
189790d |
1.7.11.2
|
|
|
189790d |
|