From 3e8670718dc8d10266a5bedfad2bc1de1ec3149a Mon Sep 17 00:00:00 2001 From: ydong10 Date: Fri, 25 May 2012 05:04:13 +0000 Subject: Refine logic about validate boot option. Signed-off-by: Eric Dong Reviewed-by: Liming Gao git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13362 6f19259b-4bc3-4df7-8a09-765794883524 --- .../Library/GenericBdsLib/BdsMisc.c | 54 ++++++---------------- 1 file changed, 13 insertions(+), 41 deletions(-) (limited to 'IntelFrameworkModulePkg') diff --git a/IntelFrameworkModulePkg/Library/GenericBdsLib/BdsMisc.c b/IntelFrameworkModulePkg/Library/GenericBdsLib/BdsMisc.c index ada77d2..0a034cd 100644 --- a/IntelFrameworkModulePkg/Library/GenericBdsLib/BdsMisc.c +++ b/IntelFrameworkModulePkg/Library/GenericBdsLib/BdsMisc.c @@ -455,7 +455,7 @@ GetDevicePathSizeEx ( bigger than MaxStringLen, return length 0 to indicate that this is an invalidate string. - This function returns the number of Unicode characters in the Null-terminated + This function returns the byte length of Unicode characters in the Null-terminated Unicode string specified by String. If String is NULL, then ASSERT(). @@ -479,13 +479,13 @@ StrSizeEx ( ASSERT (String != NULL && MaxStringLen != 0); ASSERT (((UINTN) String & BIT0) == 0); - for (Length = 0; *String != L'\0' && MaxStringLen != Length; String++, Length++); + for (Length = 0; *String != L'\0' && MaxStringLen != Length; String++, Length+=2); if (*String != L'\0' && MaxStringLen == Length) { return 0; } - return (Length + 1) * sizeof (*String); + return Length + 2; } /** @@ -507,9 +507,12 @@ ValidateOption ( UINT16 FilePathSize; UINT8 *TempPtr; EFI_DEVICE_PATH_PROTOCOL *DevicePath; - EFI_DEVICE_PATH_PROTOCOL *TempPath; UINTN TempSize; + if (VariableSize <= sizeof (UINT16) + sizeof (UINT32)) { + return FALSE; + } + // // Skip the option attribute // @@ -525,14 +528,14 @@ ValidateOption ( // // Get the option's description string size // - TempSize = StrSizeEx ((CHAR16 *) TempPtr, VariableSize); + TempSize = StrSizeEx ((CHAR16 *) TempPtr, VariableSize - sizeof (UINT16) - sizeof (UINT32)); TempPtr += TempSize; // // Get the option's device path // DevicePath = (EFI_DEVICE_PATH_PROTOCOL *) TempPtr; - TempPtr += FilePathSize; + TempPtr += FilePathSize; // // Validation boot option variable. @@ -541,21 +544,11 @@ ValidateOption ( return FALSE; } - if (TempSize + FilePathSize + sizeof (UINT16) + sizeof (UINT16) > VariableSize) { + if (TempSize + FilePathSize + sizeof (UINT16) + sizeof (UINT32) > VariableSize) { return FALSE; } - TempPath = DevicePath; - while (FilePathSize > 0) { - TempSize = GetDevicePathSizeEx (TempPath, FilePathSize); - if (TempSize == 0) { - return FALSE; - } - FilePathSize = (UINT16) (FilePathSize - TempSize); - TempPath += TempSize; - } - - return TRUE; + return GetDevicePathSizeEx (DevicePath, FilePathSize) != 0; } /** @@ -608,13 +601,12 @@ BdsLibVariableToOption ( UINT8 *TempPtr; UINTN VariableSize; EFI_DEVICE_PATH_PROTOCOL *DevicePath; - EFI_DEVICE_PATH_PROTOCOL *TempPath; BDS_COMMON_OPTION *Option; VOID *LoadOptions; UINT32 LoadOptionsSize; CHAR16 *Description; UINT8 NumOff; - UINTN TempSize; + // // Read the variable. We will never free this data. // @@ -659,11 +651,7 @@ BdsLibVariableToOption ( // // Get the option's description string size // - TempSize = StrSizeEx ((CHAR16 *) TempPtr, VariableSize); - if (TempSize == 0) { - return NULL; - } - TempPtr += TempSize; + TempPtr += StrSize((CHAR16 *) TempPtr); // // Get the option's device path @@ -672,25 +660,9 @@ BdsLibVariableToOption ( TempPtr += FilePathSize; // - // Validation device path. - // - TempPath = DevicePath; - while (FilePathSize > 0) { - TempSize = GetDevicePathSizeEx (TempPath, FilePathSize); - if (TempSize == 0) { - return NULL; - } - FilePathSize = (UINT16) (FilePathSize - TempSize); - TempPath += TempSize; - } - - // // Get load opion data. // LoadOptions = TempPtr; - if (VariableSize < (UINTN)(TempPtr - Variable)) { - return NULL; - } LoadOptionsSize = (UINT32) (VariableSize - (UINTN) (TempPtr - Variable)); // -- cgit v1.1