SecurityPkg/VariableAuthenticated: Check if there is a NV Variable Storage header prior to use its attributes
The Variable PEI and RuntimeDxe drivers were using the attribute 'HeaderLength' of EFI_FIRMWARE_VOLUME_HEADER without checking if a Firmware Volume Header was existing at the base address. In case the Firmware Volume Header does not exist or is corrupted, the attribute 'HeaderLength' is a non valid value that can lead to a non valid physical address when accessing produces an access error. Signed-off-by: oliviermartin Reviewed-by: rsun3 Reviewed-by: niruiyu git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12845 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -359,6 +359,15 @@ GetVariableStore (
|
||||
PcdGet64 (PcdFlashNvStorageVariableBase64) :
|
||||
PcdGet32 (PcdFlashNvStorageVariableBase)
|
||||
);
|
||||
|
||||
//
|
||||
// Check if the Firmware Volume is not corrupted
|
||||
//
|
||||
if ((FvHeader->Signature != EFI_FVH_SIGNATURE) || (!CompareGuid (&gEfiSystemNvDataFvGuid, &FvHeader->FileSystemGuid))) {
|
||||
DEBUG ((EFI_D_ERROR, "Firmware Volume for Variable Store is corrupted\n"));
|
||||
break;
|
||||
}
|
||||
|
||||
VariableStoreHeader = (VARIABLE_STORE_HEADER *) ((UINT8 *) FvHeader + FvHeader->HeaderLength);
|
||||
|
||||
if (IndexTable != NULL) {
|
||||
|
Reference in New Issue
Block a user