Hao Wu 458cd568b6
MdePkg/UefiLib: Avoid mis-calculate of graphic console size ...
The commit adds check in function InternalPrintGraphic() to ensure that
the expression:
Blt->Width * Blt->Height * sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL)
will not overflow in the UINTN range.
The commit also adds an explicit UINT32 type cast for 'Blt->Width' to
avoid possible overflow in the int range for:
Blt->Width * Blt->Height
Since both Blt->Width and Blt->Height are of type UINT16. They will be
promoted to int (signed) first, and then perform the multiplication
operation. If the result of multiplication between Blt->Width and
Blt->Height exceeds the range of type int, a potential incorrect size will
be passed into function AllocateZeroPool().
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com >
Reviewed-by: Liming Gao <liming.gao@intel.com >
2017-04-14 13:16:05 +08:00
2015-12-15 04:53:50 +00:00
2016-06-28 09:51:45 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-10-07 18:05:37 -07:00
2017-04-13 13:16:00 +08:00
2017-04-06 15:43:27 +08:00
2016-12-22 16:17:16 +08:00
2016-11-04 09:53:01 +00:00
2016-11-04 09:53:01 +00:00
2016-11-04 09:53:01 +00:00
2016-11-04 09:53:01 +00:00
2016-11-04 09:53:01 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-05-23 10:48:53 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-01-18 04:50:04 +00:00
2015-12-15 04:53:50 +00:00
2017-04-07 09:43:36 +08:00
2017-03-06 14:18:45 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-03-13 11:09:23 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-01-03 12:22:47 +01:00
2015-12-15 04:53:50 +00:00
2017-03-06 14:18:45 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-11-17 17:08:26 -08:00
2015-12-15 04:53:50 +00:00
2016-10-21 16:40:51 +08:00
2015-12-15 04:53:50 +00:00
2016-11-17 09:27:12 +08:00
2015-12-15 04:53:50 +00:00
2016-10-21 16:40:51 +08:00
2017-01-20 15:39:23 +08:00
2016-06-06 09:18:24 +08:00
2017-01-20 15:40:59 +08:00
2017-01-17 10:11:20 +08:00
2015-12-15 04:53:50 +00:00
2016-05-23 10:48:53 +08:00
2016-10-21 16:40:51 +08:00
2016-10-21 16:40:51 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-07-29 09:18:12 +08:00
2016-10-21 16:40:51 +08:00
2016-11-17 09:27:12 +08:00
2017-01-17 10:11:14 +08:00
2015-12-15 04:53:50 +00:00
2016-12-22 16:17:16 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-05-23 10:48:53 +08:00
2016-10-21 16:40:51 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-10-27 21:47:48 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-03-13 16:04:11 +08:00
2017-01-20 15:40:59 +08:00
2015-12-15 04:53:50 +00:00
2016-04-29 12:49:26 +08:00
2017-03-06 14:18:45 +08:00
2016-09-27 11:01:23 +08:00
2016-10-21 16:40:51 +08:00
2016-10-21 16:40:51 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-03-30 11:32:24 +08:00
2016-11-09 17:49:15 +08:00
2015-12-15 04:53:50 +00:00
2017-01-12 21:26:26 +08:00
2017-04-14 13:16:05 +08:00
2017-03-06 14:18:45 +08:00
2016-12-22 16:17:16 +08:00
2015-12-15 04:53:50 +00:00
2016-10-21 16:40:51 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-22 13:58:09 +00:00
2016-10-07 18:05:37 -07:00
458cd568b6