Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=535 Cc: Liming Gao <liming....@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Yonghong Zhu <yonghong....@intel.com> --- BaseTools/Source/C/GenCrc32/GenCrc32.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/BaseTools/Source/C/GenCrc32/GenCrc32.c b/BaseTools/Source/C/GenCrc32/GenCrc32.c index e1e11c6..5153587 100644 --- a/BaseTools/Source/C/GenCrc32/GenCrc32.c +++ b/BaseTools/Source/C/GenCrc32/GenCrc32.c @@ -1,9 +1,9 @@ /** @file Calculate Crc32 value and Verify Crc32 value for input data. -Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -78,11 +78,11 @@ Returns: fprintf (stdout, "Usage: GenCrc32 -e|-d [options] <input_file>\n\n"); // // Copyright declaration // - fprintf (stdout, "Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.\n\n"); + fprintf (stdout, "Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.\n\n"); // // Details Option // fprintf (stdout, "optional arguments:\n"); @@ -324,10 +324,14 @@ Returns: VerboseMsg ("the size of the encoded file is %u bytes", (unsigned) FileSize + sizeof (UINT32)); } else { // // Verify Crc32 Value // + if (FileSize < sizeof (UINT32)) { + Error (NULL, 0, 3000, "Invalid", "Input file is invalid!"); + goto Finish; + } Status = CalculateCrc32 (FileBuffer + sizeof (UINT32), FileSize - sizeof (UINT32), &Crc32Value); if (Status != EFI_SUCCESS) { Error (NULL, 0, 3000, "Invalid", "Calculate CRC32 value failed!"); goto Finish; } -- 2.6.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel