From a876037a0d4b91638fcb6274bd7a976f8318a7e2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 11 Apr 2014 15:05:24 -0400
Subject: [PATCH 24/74] Kees' patch missed the offset adjustment to PEHdr.
In read_header, we adjust context->PEHdr's address by doshdr->e_lfanew.
If we're going to recompute that address, we have to adjust it here
too.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
shim.c | 26 +++++++++++++++++++-------
1 file changed, 19 insertions(+), 7 deletions(-)
diff --git a/shim.c b/shim.c
index 8c583a4..d06bd02 100644
--- a/shim.c
+++ b/shim.c
@@ -511,12 +511,8 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
EFI_IMAGE_SECTION_HEADER *SectionHeader = NULL;
EFI_IMAGE_SECTION_HEADER *SectionCache;
EFI_STATUS status = EFI_SUCCESS;
-
- sha256ctxsize = Sha256GetContextSize();
- sha256ctx = AllocatePool(sha256ctxsize);
-
- sha1ctxsize = Sha1GetContextSize();
- sha1ctx = AllocatePool(sha1ctxsize);
+ EFI_IMAGE_DOS_HEADER *DosHdr = (void *)data;
+ unsigned int PEHdr_offset = 0;
if (datasize_in < 0) {
Print(L"Invalid data size\n");
@@ -524,6 +520,19 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
}
size = datasize = (unsigned int)datasize_in;
+ if (datasize <= sizeof (*DosHdr) ||
+ DosHdr->e_magic != EFI_IMAGE_DOS_SIGNATURE) {
+ Print(L"Invalid signature\n");
+ return EFI_INVALID_PARAMETER;
+ }
+ PEHdr_offset = DosHdr->e_lfanew;
+
+ sha256ctxsize = Sha256GetContextSize();
+ sha256ctx = AllocatePool(sha256ctxsize);
+
+ sha1ctxsize = Sha1GetContextSize();
+ sha1ctx = AllocatePool(sha1ctxsize);
+
if (!sha256ctx || !sha1ctx) {
Print(L"Unable to allocate memory for hash context\n");
return EFI_OUT_OF_RESOURCES;
@@ -590,6 +599,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
/* Validate SectionPtr is within image */
SectionPtr = ImageAddress(data, datasize,
+ PEHdr_offset +
sizeof (UINT32) +
sizeof (EFI_IMAGE_FILE_HEADER) +
context->PEHdr->Pe32.FileHeader.SizeOfOptionalHeader +
@@ -617,7 +627,9 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
}
/* Already validated above */
- Section = ImageAddress(data, datasize, sizeof (UINT32) +
+ Section = ImageAddress(data, datasize,
+ PEHdr_offset +
+ sizeof (UINT32) +
sizeof (EFI_IMAGE_FILE_HEADER) +
context->PEHdr->Pe32.FileHeader.SizeOfOptionalHeader);
--
1.9.3