diff options
| author | Peter Jones <pjones@redhat.com> | 2017-10-19 13:45:58 -0400 |
|---|---|---|
| committer | Peter Jones <pmjones@gmail.com> | 2018-03-12 16:21:43 -0400 |
| commit | 568dc4944f851c493047ef372f4c7969bbf47431 (patch) | |
| tree | d61dda5553d8461bfb118d7a80ff5a29265d6edc | |
| parent | 91e5f5324eae88fd0da414c75fdc7c7d01ee9729 (diff) | |
| download | efi-boot-shim-568dc4944f851c493047ef372f4c7969bbf47431.tar.gz efi-boot-shim-568dc4944f851c493047ef372f4c7969bbf47431.zip | |
shim: Improve the bounds checking of ImageAddress()
Make ImageAddress() directly check for overflow in its math.
Signed-off-by: Peter Jones <pjones@redhat.com>
| -rw-r--r-- | shim.c | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -50,6 +50,8 @@ #include <Library/BaseCryptLib.h> +#include <stdint.h> + #define FALLBACK L"\\fb" EFI_ARCH L".efi" #define MOK_MANAGER L"\\mm" EFI_ARCH L".efi" @@ -111,11 +113,17 @@ typedef struct { /* * Perform basic bounds checking of the intra-image pointers */ -static void *ImageAddress (void *image, unsigned int size, unsigned int address) +static void *ImageAddress (void *image, uint64_t size, uint64_t address) { + /* ensure our local pointer isn't bigger than our size */ if (address > size) return NULL; + /* Insure our math won't overflow */ + if (UINT64_MAX - address < (uint64_t)image) + return NULL; + + /* return the absolute pointer */ return image + address; } |