authorPeter Jones <pjones@redhat.com>2013-10-03 17:04:30 -0400
committerPeter Jones <pjones@redhat.com>2013-10-03 17:04:45 -0400
commit8c46e07fec170f87a0ab3d9091933cf128258fab (patch)
treeb1106ef6fd46c7236dd6cb3345efb41737e63f03
parentfc986307fb200fdf493b9dd083ad39ae3561b0c9 (diff)
Improve PE image bounds checking.
Signed-off-by: Peter Jones <pjones@redhat.com>
-rw-r--r--shim.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/shim.c b/shim.c
index 873fd2ed..ebd7f0dd 100644
--- a/shim.c
+++ b/shim.c
@@ -144,10 +144,18 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context,
Adjust = (UINT64)data - context->ImageAddress;
+ if (Adjust == 0)
+ return EFI_SUCCESS;
+
while (RelocBase < RelocBaseEnd) {
Reloc = (UINT16 *) ((char *) RelocBase + sizeof (EFI_IMAGE_BASE_RELOCATION));
- RelocEnd = (UINT16 *) ((char *) RelocBase + RelocBase->SizeOfBlock);
+ if ((RelocBase->SizeOfBlock == 0) || (RelocBase->SizeOfBlock > context->RelocDir->Size)) {
+ Print(L"Reloc block size is invalid\n");
+ return EFI_UNSUPPORTED;
+ }
+
+ RelocEnd = (UINT16 *) ((char *) RelocBase + RelocBase->SizeOfBlock);
if ((void *)RelocEnd < data || (void *)RelocEnd > ImageEnd) {
Print(L"Reloc entry overflows binary\n");
return EFI_UNSUPPORTED;
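Review bot: The new size check in the `while (RelocBase < RelocBaseEnd)` loop still accepts a `SizeOfBlock` that is non-zero but smaller than the block header, so `RelocEnd` can land before `Reloc`. Since `SizeOfBlock` comes from the image being loaded, the lower bound should be the header size rather than zero: `if ((RelocBase->SizeOfBlock < sizeof (EFI_IMAGE_BASE_RELOCATION)) || (RelocBase->SizeOfBlock > context->RelocDir->Size)) {`. The upper bound is also compared with the size of the whole relocation directory rather than with what remains before `RelocBaseEnd`, so a later block can still run past the end of the directory while staying inside the image; how `RelocBaseEnd` is computed is not visible here, so that part needs checking against the full function. The body of `relocate_coff` starts and continues outside this hunk, so the effect on the code that advances `RelocBase` is inferred rather than shown.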