diff --git a/basetypes.h b/basetypes.h
index cb11504..027427c 100644
--- a/basetypes.h
+++ b/basetypes.h
@@ -70,6 +70,7 @@ typedef uint16_t CHAR16;
#define ERR_INVALID_VOLUME 11
#define ERR_VOLUME_REVISION_NOT_SUPPORTED 12
#define ERR_UNKNOWN_FFS 13
+#define ERR_INVALID_FILE 14
// EFI GUID
diff --git a/ffs.cpp b/ffs.cpp
index c76a8d8..38f2edc 100644
--- a/ffs.cpp
+++ b/ffs.cpp
@@ -17,7 +17,10 @@ const UINT8 ffsAlignmentTable[] =
UINT8 calculateChecksum8(UINT8* buffer, UINT32 bufferSize)
{
- UINT8 counter = 0;
+ if(!buffer)
+ return 0;
+
+ UINT8 counter = 0;
while(bufferSize--)
counter += buffer[bufferSize];
return ~counter + 1;
@@ -25,7 +28,10 @@ UINT8 calculateChecksum8(UINT8* buffer, UINT32 bufferSize)
UINT16 calculateChecksum16(UINT8* buffer, UINT32 bufferSize)
{
- UINT16 counter = 0;
+ if(!buffer)
+ return 0;
+
+ UINT16 counter = 0;
while(bufferSize--)
counter += buffer[bufferSize];
return ~counter + 1;
diff --git a/uefitool.cpp b/uefitool.cpp
index f751073..18b2de1 100644
--- a/uefitool.cpp
+++ b/uefitool.cpp
@@ -561,6 +561,13 @@ UINT8 UEFITool::parseVolume(const QByteArray & volume, UINT32 volumeBase, UINT8
QByteArray file = volume.mid(fileIndex, uint24ToUint32(fileHeader->Size));
QByteArray header = file.left(sizeof(EFI_FFS_FILE_HEADER));
+ // Check file size to at least sizeof(EFI_FFS_FILE_HEADER)
+ if (file.size() < sizeof(EFI_FFS_FILE_HEADER))
+ {
+ debug(tr("File with invalid size"));
+ return ERR_INVALID_FILE;
+ }
+
// We are at empty space in the end of volume
if (header.count(empty) == header.size()) {
QByteArray body = volume.right(volume.size() - fileIndex);
@@ -736,7 +743,6 @@ UINT8 UEFITool::parseFile(const QByteArray & file, UINT8 revision, bool erasePol
UINT32 dataSize;
QModelIndex index;
UINT32 result;
- bool lzmaHeaderFound;
switch (sectionHeader->Type)
{
@@ -796,55 +802,26 @@ UINT8 UEFITool::parseFile(const QByteArray & file, UINT8 revision, bool erasePol
if (LzmaGetInfo(data, dataSize, &decompressedSize) != ERR_SUCCESS
|| decompressedSize != compressedSectionHeader->UncompressedLength)
{
- // Shitty file with some data between COMPRESSED_SECTION_HEADER and LZMA_HEADER
- // Search for LZMA header in body
- // Header structure: UINT8 LzmaProperties | UINT32 DictionarySize | UINT64 DecompressedSize
- // We can't determine first two fiels here, but Decompressed size is known, so search for it
- INT32 lzmaHeaderIndex = body.indexOf(QByteArray((const char*)&compressedSectionHeader->UncompressedLength,
- sizeof(compressedSectionHeader->UncompressedLength)).append('\x00').append('\x00').append('\x00').append('\x00'));
- lzmaHeaderIndex -= LZMA_PROPS_SIZE;
- // LZMA header not found
- if (lzmaHeaderIndex < 0)
- {
- lzmaHeaderFound = false;
- debug(tr("Lzma header not found"));
- }
- // LZMA header found
- else if (lzmaHeaderIndex) {
- data = (VOID*) (file.constData() + sectionIndex + sizeof(EFI_COMPRESSION_SECTION) + lzmaHeaderIndex);
- dataSize = uint24ToUint32(sectionHeader->Size) - sizeof(EFI_COMPRESSION_SECTION) - lzmaHeaderIndex;
- // Get buffer sizes again
- if (LzmaGetInfo(data, dataSize, &decompressedSize) != ERR_SUCCESS
- || decompressedSize != compressedSectionHeader->UncompressedLength)
- {
- debug(tr("LzmaGetInfo failed on LZMA header"));
- lzmaHeaderFound = false;
- }
- else
- debug(tr("Padding of size %1 between CompressedSectionHeader and LzmaHeader")
- .arg(lzmaHeaderIndex));
- }
- lzmaHeaderFound = true;
+ // Shitty file with a section header between COMPRESSED_SECTION_HEADER and LZMA_HEADER
+ data = (VOID*) (file.constData() + sectionIndex + sizeof(EFI_COMPRESSION_SECTION) + sizeof(EFI_COMMON_SECTION_HEADER));
+ dataSize = uint24ToUint32(sectionHeader->Size) - sizeof(EFI_COMPRESSION_SECTION) - sizeof(EFI_COMMON_SECTION_HEADER);
+ if (LzmaGetInfo(data, dataSize, &decompressedSize) != ERR_SUCCESS)
+ debug(tr("LzmaGetInfo failed"));
}
- else
- lzmaHeaderFound = true;
- // Decompress if header is found
- if (lzmaHeaderFound) {
- decompressed = new UINT8[decompressedSize];
- // Decompress section data
- if (LzmaDecompress(data, dataSize, decompressed) != ERR_SUCCESS)
- debug(tr("LzmaDecompress failed"));
- else
- {
- body = QByteArray::fromRawData((const char*) decompressed, decompressedSize);
- // Parse stored file
- result = parseFile(body, revision, erasePolarity, index);
- if (result)
- debug(tr("Compressed section with LZMA compression can not be parsed as file (%1)").arg(result));
- }
+ decompressed = new UINT8[decompressedSize];
+ // Decompress section data
+ if (LzmaDecompress(data, dataSize, decompressed) != ERR_SUCCESS)
+ debug(tr("LzmaDecompress failed"));
+ else
+ {
+ body = QByteArray::fromRawData((const char*) decompressed, decompressedSize);
+ // Parse stored file
+ result = parseFile(body, revision, erasePolarity, index);
+ if (result)
+ debug(tr("Compressed section with LZMA compression can not be parsed as file (%1)").arg(result));
+ }
- delete[] decompressed;
- }
+ delete[] decompressed;
break;
default:
body = file.mid(sectionIndex + sizeof(EFI_COMPRESSION_SECTION), sectionSize - sizeof(EFI_COMPRESSION_SECTION));
diff --git a/uefitool.pro b/uefitool.pro
index 2a3be6b..7a60b4b 100644
--- a/uefitool.pro
+++ b/uefitool.pro
@@ -1,34 +1,33 @@
-QT += core gui
-greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
-
-TARGET = UEFITool
-TEMPLATE = app
-
-SOURCES += main.cpp \
- uefitool.cpp \
- descriptor.cpp \
- ffs.cpp \
- treeitem.cpp \
- treemodel.cpp \
- LZMA/LzmaCompress.c \
- LZMA/LzmaDecompress.c \
- LZMA/Sdk/C/LzFind.c \
- LZMA/Sdk/C/LzmaDec.c \
- LZMA/Sdk/C/LzmaEnc.c \
- Tiano/EfiTianoDecompress.c \
- Tiano/EfiCompress.c \
- Tiano/TianoCompress.c
-HEADERS += uefitool.h \
- basetypes.h \
- descriptor.h \
- ffs.h \
- treeitem.h \
- treemodel.h \
- LZMA/LzmaCompress.h \
- LZMA/LzmaDecompress.h \
- Tiano/EfiTianoDecompress.h \
- Tiano/EfiTianoCompress.h
-FORMS += uefitool.ui
-RC_FILE = uefitool.rc
+QT += core gui
+greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
-
ICON = uefitool.icns
\ No newline at end of file
+TARGET = UEFITool
+TEMPLATE = app
+
+SOURCES += main.cpp \
+ uefitool.cpp \
+ descriptor.cpp \
+ ffs.cpp \
+ treeitem.cpp \
+ treemodel.cpp \
+ LZMA/LzmaCompress.c \
+ LZMA/LzmaDecompress.c \
+ LZMA/Sdk/C/LzFind.c \
+ LZMA/Sdk/C/LzmaDec.c \
+ LZMA/Sdk/C/LzmaEnc.c \
+ Tiano/EfiTianoDecompress.c \
+ Tiano/EfiCompress.c \
+ Tiano/TianoCompress.c
+HEADERS += uefitool.h \
+ basetypes.h \
+ descriptor.h \
+ ffs.h \
+ treeitem.h \
+ treemodel.h \
+ LZMA/LzmaCompress.h \
+ LZMA/LzmaDecompress.h \
+ Tiano/EfiTianoDecompress.h \
+ Tiano/EfiTianoCompress.h
+FORMS += uefitool.ui
+RC_FILE = uefitool.rc
+ICON = uefitool.icns
\ No newline at end of file
diff --git a/uefitool.ui b/uefitool.ui
index 5a4007c..4343608 100644
--- a/uefitool.ui
+++ b/uefitool.ui
@@ -20,7 +20,7 @@
true
- UEFITool 0.2.0
+ UEFITool 0.2.1