1 files changed, 80 insertions, 15 deletions

diff --git a/MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLib.c b/MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLib.c
index 8275dd611..1052988e7 100644
--- a/MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLib.c
+++ b/MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLib.c
@@ -2,7 +2,7 @@
   Library instance that implement UEFI Device Path Library class based on protocol

   gEfiDevicePathUtilitiesProtocolGuid.

 

-  Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>

+  Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>

   This program and the accompanying materials

   are licensed and made available under the terms and conditions of the BSD License

   which accompanies this distribution.  The full text of the license may be found at

@@ -24,6 +24,7 @@
 #include <Library/MemoryAllocationLib.h>

 #include <Library/BaseMemoryLib.h>

 #include <Library/UefiBootServicesTableLib.h>

+#include <Library/PcdLib.h>

 

 EFI_DEVICE_PATH_UTILITIES_PROTOCOL          *mDevicePathUtilities = NULL;

 

@@ -72,6 +73,61 @@ DevicePathLibConstructor (
 }

 

 /**

+  Determine whether a given device path is valid.

+  If DevicePath is NULL, then ASSERT().

+

+  @param  DevicePath  A pointer to a device path data structure.

+  @param  MaxSize     The maximum size of the device path data structure.

+

+  @retval TRUE        DevicePath is valid.

+  @retval FALSE       The length of any node node in the DevicePath is less

+                      than sizeof (EFI_DEVICE_PATH_PROTOCOL).

+  @retval FALSE       If MaxSize is not zero, the size of the DevicePath

+                      exceeds MaxSize.

+  @retval FALSE       If PcdMaximumDevicePathNodeCount is not zero, the node

+                      count of the DevicePath exceeds PcdMaximumDevicePathNodeCount.

+**/

+BOOLEAN

+EFIAPI

+IsDevicePathValid (

+  IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath,

+  IN       UINTN                    MaxSize

+  )

+{

+  UINTN Count;

+  UINTN Size;

+  UINTN NodeLength;

+

+  ASSERT (DevicePath != NULL);

+

+  for (Count = 0, Size = 0; !IsDevicePathEnd (DevicePath); DevicePath = NextDevicePathNode (DevicePath)) {

+    NodeLength = DevicePathNodeLength (DevicePath);

+    if (NodeLength < sizeof (EFI_DEVICE_PATH_PROTOCOL)) {

+      return FALSE;

+    }

+

+    if (MaxSize > 0) {

+      Size += NodeLength;

+      if (Size + END_DEVICE_PATH_LENGTH > MaxSize) {

+        return FALSE;

+      }

+    }

+

+    if (PcdGet32 (PcdMaximumDevicePathNodeCount) > 0) {

+      Count++;

+      if (Count >= PcdGet32 (PcdMaximumDevicePathNodeCount)) {

+        return FALSE;

+      }

+    }

+  }

+

+  //

+  // Only return TRUE when the End Device Path node is valid.

+  //

+  return (BOOLEAN) (DevicePathNodeLength (DevicePath) == END_DEVICE_PATH_LENGTH);

+}

+

+/**

   Returns the Type field of a device path node.

 

   Returns the Type field of the device path node specified by Node.

@@ -136,8 +192,12 @@ DevicePathNodeLength (
   IN CONST VOID  *Node

   )

 {

+  UINTN Length;

+

   ASSERT (Node != NULL);

-  return ReadUnaligned16 ((UINT16 *)&((EFI_DEVICE_PATH_PROTOCOL *)(Node))->Length[0]);

+  Length = ReadUnaligned16 ((UINT16 *)&((EFI_DEVICE_PATH_PROTOCOL *)(Node))->Length[0]);

+  ASSERT (Length >= sizeof (EFI_DEVICE_PATH_PROTOCOL));

+  return Length;

 }

 

 /**

@@ -256,7 +316,8 @@ IsDevicePathEndInstance (
   be used to set the contents of the Length field.

 

   If Node is NULL, then ASSERT().

-  If NodeLength >= 0x10000, then ASSERT().

+  If NodeLength >= SIZE_64KB, then ASSERT().

+  If NodeLength < sizeof (EFI_DEVICE_PATH_PROTOCOL), then ASSERT().

 

   @param  Node      A pointer to a device path node data structure.

   @param  Length    The length, in bytes, of the device path node.

@@ -272,7 +333,7 @@ SetDevicePathNodeLength (
   )

 {

   ASSERT (Node != NULL);

-  ASSERT (Length < 0x10000);

+  ASSERT ((Length >= sizeof (EFI_DEVICE_PATH_PROTOCOL)) && (Length < SIZE_64KB));

   return WriteUnaligned16 ((UINT16 *)&((EFI_DEVICE_PATH_PROTOCOL *)(Node))->Length[0], (UINT16)(Length));

 }

 

@@ -305,13 +366,14 @@ SetDevicePathEndNode (
 /**

   Returns the size of a device path in bytes.

 

-  This function returns the size, in bytes, of the device path data structure specified by

-  DevicePath including the end of device path node.  If DevicePath is NULL, then 0 is returned.

+  This function returns the size, in bytes, of the device path data structure 

+  specified by DevicePath including the end of device path node.

+  If DevicePath is NULL or invalid, then 0 is returned.

 

-  @param  DevicePath                 A pointer to a device path data structure.

-  

-  @retval 0       If DevicePath is NULL.

-  @retval Others  The size of a device path in bytes.

+  @param  DevicePath  A pointer to a device path data structure.

+

+  @retval 0           If DevicePath is NULL or invalid.

+  @retval Others      The size of a device path in bytes.

 

 **/

 UINTN

@@ -336,7 +398,7 @@ GetDevicePathSize (
   

   @param  DevicePath                 A pointer to a device path data structure.

 

-  @retval NULL    If DevicePath is NULL.

+  @retval NULL    If DevicePath is NULL or invalid.

   @retval Others  A pointer to the duplicated device path.

   

 **/

@@ -367,6 +429,7 @@ DuplicateDevicePath (
   @param  SecondDevicePath           A pointer to a device path data structure.

   

   @retval NULL      If there is not enough memory for the newly allocated buffer.

+  @retval NULL      If FirstDevicePath or SecondDevicePath is invalid.

   @retval Others    A pointer to the new device path if success.

                     Or a copy an end-of-device-path if both FirstDevicePath and 

                     SecondDevicePath are NULL.

@@ -431,6 +494,7 @@ AppendDevicePathNode (
   path instance and a new end-of-device-path-instance node is inserted between. 

   If DevicePath is NULL, then a copy if DevicePathInstance is returned.

   If DevicePathInstance is NULL, then NULL is returned.

+  If DevicePath or DevicePathInstance is invalid, then NULL is returned.

   If there is not enough memory to allocate space for the new device path, then 

   NULL is returned.   

   The memory is allocated from EFI boot services memory. It is the responsibility 

@@ -524,15 +588,16 @@ CreateDeviceNode (
 /**

   Determines if a device path is single or multi-instance.

 

-  This function returns TRUE if the device path specified by DevicePath is 

+  This function returns TRUE if the device path specified by DevicePath is

   multi-instance.

-  Otherwise, FALSE is returned.  If DevicePath is NULL, then FALSE is returned.

+  Otherwise, FALSE is returned.

+  If DevicePath is NULL or invalid, then FALSE is returned.

 

   @param  DevicePath                 A pointer to a device path data structure.

 

   @retval  TRUE                      DevicePath is multi-instance.

-  @retval  FALSE                     DevicePath is not multi-instance or DevicePath 

-                                     is NULL.

+  @retval  FALSE                     DevicePath is not multi-instance, or DevicePath 

+                                     is NULL or invalid.

 

 **/

 BOOLEAN