jh163888/UEFITool
1
0
Fork 0
mirror of https://github.com/LongSoft/UEFITool.git synced 2024-11-21 23:48:22 +08:00
Code Issues Projects Releases Wiki Activity

Fix OOB access with volume.mid(headerSize)

Browse Source
This commit is contained in:
yeggor 2023-03-17 02:19:32 +04:00 committed by Nikolaj Schlej
parent 37372cdab4
commit 7a25a52427
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
common/ffsparser.cpp
View File

@ -1135,6 +1135,9 @@ USTATUS FfsParser::parseVolumeHeader(const UByteArray & volume, const UINT32 loc
msgInvalidChecksum = true; msgInvalidChecksum = true;
// Get info // Get info
if (headerSize >= volume.size()) {
return U_INVALID_VOLUME;
}
UByteArray header = volume.left(headerSize); UByteArray header = volume.left(headerSize);
UByteArray body = volume.mid(headerSize); UByteArray body = volume.mid(headerSize);
UString name = guidToUString(volumeHeader->FileSystemGuid); UString name = guidToUString(volumeHeader->FileSystemGuid);