[edk2] [PATCH 6/6] MdeModulePkg CapsuleApp: Check capsule header for -D and -N options

Star Zeng Thu, 26 Jul 2018 03:17:34 -0700

Then meaningful error message can be shown when the input image is
unexpected.


Cc: Michael D Kinney <michael.d.kin...@intel.com>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Yonghong Zhu <yonghong....@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.z...@intel.com>
---
 MdeModulePkg/Application/CapsuleApp/CapsuleApp.c  | 101 ++++++++++++++--------
 MdeModulePkg/Application/CapsuleApp/CapsuleDump.c |  23 +++++
 2 files changed, 90 insertions(+), 34 deletions(-)

diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c 
b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
index 2967b0d1dd18..894da2f2d9d5 100644
--- a/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleApp.c
@@ -363,6 +363,60 @@ GetEsrtFwType (
 }
 
 /**
+  Validate if it is valid capsule header
+
+  This function assumes the caller provided correct CapsuleHeader pointer
+  and CapsuleSize.
+
+  This function validates the fields in EFI_CAPSULE_HEADER.
+
+  @param[in] CapsuleHeader  Points to a capsule header.
+  @param[in] CapsuleSize    Size of the whole capsule image.
+
+**/
+BOOLEAN
+IsValidCapsuleHeader (
+  IN EFI_CAPSULE_HEADER     *CapsuleHeader,
+  IN UINT64                 CapsuleSize
+  )
+{
+  if (CapsuleSize < sizeof (EFI_CAPSULE_HEADER)) {
+    return FALSE;
+  }
+  if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {
+    return FALSE;
+  }
+  if (CapsuleHeader->HeaderSize > CapsuleHeader->CapsuleImageSize) {
+    return FALSE;
+  }
+  if (CapsuleHeader->HeaderSize < sizeof (EFI_CAPSULE_HEADER)) {
+    return FALSE;
+  }
+
+  return TRUE;
+}
+
+/**
+  Return if this CapsuleGuid is a FMP capsule GUID or not.
+
+  @param[in] CapsuleGuid A pointer to EFI_GUID
+
+  @retval TRUE  It is a FMP capsule GUID.
+  @retval FALSE It is not a FMP capsule GUID.
+**/
+BOOLEAN
+IsFmpCapsuleGuid (
+  IN EFI_GUID  *CapsuleGuid
+  )
+{
+  if (CompareGuid(&gEfiFmpCapsuleGuid, CapsuleGuid)) {
+    return TRUE;
+  }
+
+  return FALSE;
+}
+
+/**
   Append a capsule header on top of current image.
   This function follows Windows UEFI Firmware Update Platform document.
 
@@ -407,15 +461,28 @@ CreateNestedFmp (
     Print(L"CapsuleApp: Capsule image (%s) is not found.\n", CapsuleName);
     goto Done;
   }
+  if (!IsValidCapsuleHeader (CapsuleBuffer, FileSize)) {
+    Print(L"CapsuleApp: Capsule image (%s) is not a valid capsule.\n", 
CapsuleName);
+    Status = EFI_INVALID_PARAMETER;
+    goto Done;
+  }
+
+  if (!IsFmpCapsuleGuid (&((EFI_CAPSULE_HEADER *) 
CapsuleBuffer)->CapsuleGuid)) {
+    Print(L"CapsuleApp: Capsule image (%s) is not a FMP capsule.\n", 
CapsuleName);
+    Status = EFI_INVALID_PARAMETER;
+    goto Done;
+  }
 
   ImageTypeId = GetCapsuleImageTypeId(CapsuleBuffer);
   if (ImageTypeId == NULL) {
     Print(L"CapsuleApp: Capsule ImageTypeId is not found.\n");
+    Status = EFI_INVALID_PARAMETER;
     goto Done;
   }
   FwType = GetEsrtFwType(ImageTypeId);
   if ((FwType != ESRT_FW_TYPE_SYSTEMFIRMWARE) && (FwType != 
ESRT_FW_TYPE_DEVICEFIRMWARE)) {
     Print(L"CapsuleApp: Capsule FwType is invalid.\n");
+    Status = EFI_INVALID_PARAMETER;
     goto Done;
   }
 
@@ -725,40 +792,6 @@ CleanGatherList (
 }
 
 /**
-  Validate if it is valid capsule header
-
-  This function assumes the caller provided correct CapsuleHeader pointer
-  and CapsuleSize.
-
-  This function validates the fields in EFI_CAPSULE_HEADER.
-
-  @param[in] CapsuleHeader  Points to a capsule header.
-  @param[in] CapsuleSize    Size of the whole capsule image.
-
-**/
-BOOLEAN
-IsValidCapsuleHeader (
-  IN EFI_CAPSULE_HEADER     *CapsuleHeader,
-  IN UINT64                 CapsuleSize
-  )
-{
-  if (CapsuleSize < sizeof (EFI_CAPSULE_HEADER)) {
-    return FALSE;
-  }
-  if (CapsuleHeader->CapsuleImageSize != CapsuleSize) {
-    return FALSE;
-  }
-  if (CapsuleHeader->HeaderSize > CapsuleHeader->CapsuleImageSize) {
-    return FALSE;
-  }
-  if (CapsuleHeader->HeaderSize < sizeof (EFI_CAPSULE_HEADER)) {
-    return FALSE;
-  }
-
-  return TRUE;
-}
-
-/**
   Print APP usage.
 **/
 VOID
diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c 
b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
index 11bf2e1d4530..45c3ecd050ab 100644
--- a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c
@@ -62,6 +62,24 @@ WriteFileFromBuffer (
   );
 
 /**
+  Validate if it is valid capsule header
+
+  This function assumes the caller provided correct CapsuleHeader pointer
+  and CapsuleSize.
+
+  This function validates the fields in EFI_CAPSULE_HEADER.
+
+  @param[in] CapsuleHeader  Points to a capsule header.
+  @param[in] CapsuleSize    Size of the whole capsule image.
+
+**/
+BOOLEAN
+IsValidCapsuleHeader (
+  IN EFI_CAPSULE_HEADER     *CapsuleHeader,
+  IN UINT64                 CapsuleSize
+  );
+
+/**
   Dump UX capsule information.
 
   @param[in] CapsuleHeader      The UX capsule header
@@ -248,6 +266,11 @@ DumpCapsule (
     Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName);
     goto Done;
   }
+  if (!IsValidCapsuleHeader (Buffer, FileSize)) {
+    Print(L"CapsuleApp: Capsule image (%s) is not a valid capsule.\n", 
CapsuleName);
+    Status = EFI_INVALID_PARAMETER;
+    goto Done;
+  }
 
   CapsuleHeader = Buffer;
   if (CompareGuid(&CapsuleHeader->CapsuleGuid, &gWindowsUxCapsuleGuid)) {
-- 
2.7.0.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [PATCH 6/6] MdeModulePkg CapsuleApp: Check capsule header for -D and -N options

Reply via email to