Add comment for modules which have external input.

signed-off-by: jiewen.yao@intel.com
reviewed-by: guo.dong@intel.com
reviewed-by: ting.ye@intel.com
reviewed-by: liming.gao@intel.com
reviewed-by: elvin.li@intel.com



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524

1 files changed, 12 insertions, 0 deletions

diff --git a/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c b/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c
index 32b7dcc..7ed15ef 100644
--- a/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c
+++ b/MdeModulePkg/Universal/CapsulePei/Common/CapsuleCoalesce.c
@@ -1,6 +1,14 @@
 /** @file

   The logic to process capsule.

 

+  Caution: This module requires additional review when modified.

+  This driver will have external input - capsule image.

+  This external input must be validated carefully to avoid security issue like

+  buffer overflow, integer overflow.

+

+  CapsuleDataCoalesce() will do basic validation before coalesce capsule data

+  into memory.

+

 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>

 This program and the accompanying materials

 are licensed and made available under the terms and conditions of the BSD License

@@ -792,6 +800,10 @@ BuildCapsuleDescriptors (
                    |    PrivateDataDesc 0      |

       MemBase ---->+---------------------------+<----- BlockList

 

+  Caution: This function may receive untrusted input.

+  The capsule data is external input, so this routine will do basic validation before

+  coalesce capsule data into memory.

+

   @param PeiServices        General purpose services available to every PEIM.

   @param BlockListBuffer    Point to the buffer of Capsule Descriptor Variables.

   @param MemoryBase         Pointer to the base of a block of memory that we can walk