arrfab / rpms / shim

Forked from rpms/shim 4 years ago
Clone
Blob Blame History Raw
From a876037a0d4b91638fcb6274bd7a976f8318a7e2 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 11 Apr 2014 15:05:24 -0400
Subject: [PATCH 24/74] Kees' patch missed the offset adjustment to PEHdr.

In read_header, we adjust context->PEHdr's address by doshdr->e_lfanew.
If we're going to recompute that address, we have to adjust it here
too.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 shim.c | 26 +++++++++++++++++++-------
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/shim.c b/shim.c
index 8c583a4..d06bd02 100644
--- a/shim.c
+++ b/shim.c
@@ -511,12 +511,8 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
 	EFI_IMAGE_SECTION_HEADER  *SectionHeader = NULL;
 	EFI_IMAGE_SECTION_HEADER  *SectionCache;
 	EFI_STATUS status = EFI_SUCCESS;
-
-	sha256ctxsize = Sha256GetContextSize();
-	sha256ctx = AllocatePool(sha256ctxsize);
-
-	sha1ctxsize = Sha1GetContextSize();
-	sha1ctx = AllocatePool(sha1ctxsize);
+	EFI_IMAGE_DOS_HEADER *DosHdr = (void *)data;
+	unsigned int PEHdr_offset = 0;
 
 	if (datasize_in < 0) {
 		Print(L"Invalid data size\n");
@@ -524,6 +520,19 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
 	}
 	size = datasize = (unsigned int)datasize_in;
 
+	if (datasize <= sizeof (*DosHdr) ||
+	    DosHdr->e_magic != EFI_IMAGE_DOS_SIGNATURE) {
+		Print(L"Invalid signature\n");
+		return EFI_INVALID_PARAMETER;
+	}
+	PEHdr_offset = DosHdr->e_lfanew;
+
+	sha256ctxsize = Sha256GetContextSize();
+	sha256ctx = AllocatePool(sha256ctxsize);
+
+	sha1ctxsize = Sha1GetContextSize();
+	sha1ctx = AllocatePool(sha1ctxsize);
+
 	if (!sha256ctx || !sha1ctx) {
 		Print(L"Unable to allocate memory for hash context\n");
 		return EFI_OUT_OF_RESOURCES;
@@ -590,6 +599,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
 
 		/* Validate SectionPtr is within image */
 		SectionPtr = ImageAddress(data, datasize,
+			PEHdr_offset +
 			sizeof (UINT32) +
 			sizeof (EFI_IMAGE_FILE_HEADER) +
 			context->PEHdr->Pe32.FileHeader.SizeOfOptionalHeader +
@@ -617,7 +627,9 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
 	}
 
 	/* Already validated above */
-	Section = ImageAddress(data, datasize, sizeof (UINT32) +
+	Section = ImageAddress(data, datasize,
+		PEHdr_offset +
+		sizeof (UINT32) +
 		sizeof (EFI_IMAGE_FILE_HEADER) +
 		context->PEHdr->Pe32.FileHeader.SizeOfOptionalHeader);
 
-- 
1.9.3