[PATCH] StandaloneMmPkg/FvLib: Correct FV section data size


Marvin Häuser
 

The size of a FV section includes the size of its header. Subtract
the latter to yield the correct size of the contained data.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
---
StandaloneMmPkg/Library/FvLib/FvLib.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/StandaloneMmPkg/Library/FvLib/FvLib.c b/StandaloneMmPkg/Library/FvLib/FvLib.c
index 94139ae3898b..5d5ad8f73fe0 100644
--- a/StandaloneMmPkg/Library/FvLib/FvLib.c
+++ b/StandaloneMmPkg/Library/FvLib/FvLib.c
@@ -359,16 +359,22 @@ FfsFindSectionData (
ParsedLength = 0;
while (ParsedLength < FileSize) {
if (Section->Type == SectionType) {
+ //
+ // Size is 24 bits wide so mask upper 8 bits.
+ //
+ SectionLength = SECTION_SIZE (Section);
+
+ if (SectionLength < sizeof (*Section)) {
+ return EFI_VOLUME_CORRUPTED;
+ }
*SectionData = (VOID *) (Section + 1);
- *SectionDataSize = SECTION_SIZE(Section);
+ *SectionDataSize = SectionLength - sizeof (*Section);
return EFI_SUCCESS;
}
//
- // Size is 24 bits wide so mask upper 8 bits.
// SectionLength is adjusted it is 4 byte aligned.
// Go to the next section
//
- SectionLength = SECTION_SIZE(Section);
SectionLength = GET_OCCUPIED_SIZE (SectionLength, 4);

ParsedLength += SectionLength;
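
Review bot: With `SectionLength = SECTION_SIZE (Section);` moved inside the `if (Section->Type == SectionType)` block and the earlier assignment ahead of `GET_OCCUPIED_SIZE` removed, the non-matching path reaches `SectionLength = GET_OCCUPIED_SIZE (SectionLength, 4);` without reading the current section's size, so `ParsedLength` and the section pointer advance by a value that was not taken from this section. Move the assignment and the `SectionLength < sizeof (*Section)` check above the `if` so every iteration reads and validates the size; that also returns `EFI_VOLUME_CORRUPTED` for an undersized section on the skip path instead of only on a type match. The new check bounds the size from below only; also comparing `SectionLength` against `FileSize - ParsedLength` before setting `*SectionDataSize` would keep the reported data range inside the file.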
--
2.31.1
