UEFITool 0.19.4

- solved a possible crash of EFI11/Tiano decompression routine
This commit is contained in:
Nikolaj Schlej 2014-11-21 18:37:53 +01:00
parent 93973d0042
commit 964bc13723
3 changed files with 10 additions and 2 deletions

View File

@ -681,6 +681,12 @@ Returns: (VOID)
DataIdx = Sd->mOutBuf - DecodeP(Sd) - 1; DataIdx = Sd->mOutBuf - DecodeP(Sd) - 1;
// Check to prevent possible heap corruption
if (DataIdx >= Sd->mOrigSize - BytesRemain) {
Sd->mBadTableFlag = 1;
return;
}
BytesRemain--; BytesRemain--;
while ((INT16)(BytesRemain) >= 0) { while ((INT16)(BytesRemain) >= 0) {
Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++]; Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
@ -989,4 +995,4 @@ EFI_INVALID_PARAMETER - The source data is corrupted
ScratchSize, ScratchSize,
2 2
); );
} }

View File

@ -2146,6 +2146,7 @@ UINT8 FfsEngine::decompress(const QByteArray & compressedData, const UINT8 compr
scratch = new UINT8[scratchSize]; scratch = new UINT8[scratchSize];
// Decompress section data // Decompress section data
//TODO: separate EFI1.1 from Tiano another way //TODO: separate EFI1.1 from Tiano another way
// Try Tiano decompression first // Try Tiano decompression first
if (ERR_SUCCESS != TianoDecompress(data, dataSize, decompressed, decompressedSize, scratch, scratchSize)) { if (ERR_SUCCESS != TianoDecompress(data, dataSize, decompressed, decompressedSize, scratch, scratchSize)) {
@ -2153,6 +2154,7 @@ UINT8 FfsEngine::decompress(const QByteArray & compressedData, const UINT8 compr
if (ERR_SUCCESS != EfiDecompress(data, dataSize, decompressed, decompressedSize, scratch, scratchSize)) { if (ERR_SUCCESS != EfiDecompress(data, dataSize, decompressed, decompressedSize, scratch, scratchSize)) {
if (algorithm) if (algorithm)
*algorithm = COMPRESSION_ALGORITHM_UNKNOWN; *algorithm = COMPRESSION_ALGORITHM_UNKNOWN;
delete[] decompressed; delete[] decompressed;
delete[] scratch; delete[] scratch;
return ERR_STANDARD_DECOMPRESSION_FAILED; return ERR_STANDARD_DECOMPRESSION_FAILED;

View File

@ -17,7 +17,7 @@
UEFITool::UEFITool(QWidget *parent) : UEFITool::UEFITool(QWidget *parent) :
QMainWindow(parent), QMainWindow(parent),
ui(new Ui::UEFITool), ui(new Ui::UEFITool),
version(tr("0.19.3")) version(tr("0.19.4"))
{ {
clipboard = QApplication::clipboard(); clipboard = QApplication::clipboard();