Add additional check for entryHeader->Size in NvramParser::parseEvsaStoreBody to avoid uint32 underflow

This commit is contained in:
yeggor 2022-11-15 18:47:42 +04:00 committed by Nikolaj Schlej
parent 5f134f783a
commit 47c8938c7e

View File

@ -1693,7 +1693,7 @@ USTATUS NvramParser::parseEvsaStoreBody(const UModelIndex & index)
// Check entry size // Check entry size
variableSize = sizeof(EVSA_ENTRY_HEADER); variableSize = sizeof(EVSA_ENTRY_HEADER);
if (unparsedSize < variableSize || unparsedSize < entryHeader->Size) { if (unparsedSize < variableSize || unparsedSize < entryHeader->Size || entryHeader->Size < 2) {
body = data.mid(offset); body = data.mid(offset);
info = usprintf("Full size: %Xh (%u)", (UINT32)body.size(), (UINT32)body.size()); info = usprintf("Full size: %Xh (%u)", (UINT32)body.size(), (UINT32)body.size());