edk2
edk2 copied to clipboard
tianocore
Add Signature check and fix buffer overrun issue in FtwGetLastWriteHeader
Description
Add Signature check and fix buffer overrun issue in FtwGetLastWriteHeader
<Include a description of the change and why this change was made.>
-
This PR aims to prevent a buffer overrun issue found in FtwGetLastWriteHeader function. As per the current code, when there is a malformed blocks (with all bytes as 0s) then code Offset += FTW_WRITE_TOTAL_SIZE (FtwHeader->NumberOfWrites, FtwHeader->PrivateDataSize) would access beyond FtwWorkSpaceSize.
-
Also added the signature check to validate work space
<For each item, place an "x" in between [ and ] if true. Example: [x] (you can also check items in GitHub UI)>
<Create the PR as a Draft PR if it is only created to run CI checks.>
<Delete lines in <> tags before creating the PR.>
- [ ] Breaking change?
- Breaking change - Does this PR cause a break in build or boot behavior?
- Examples: Does it add a new library class or move a module to a different repo.
- [x ] Impacts security?
- Security - Does this PR have a direct security impact?
- Harden the access within FtwWorkSpace
- [ ] Includes tests?
- Tests - Does this PR include any explicit test code?
- Examples: Unit tests or integration tests.
How This Was Tested
Tested this in platform which has a SPI chip with improper firmware blocks. Without this fix boot crashed and with this change system continued to boot.
Integration Instructions
<Describe how these changes should be integrated. Use N/A if nothing is required.>
The checker is good. But, the commit message doesn't follow the style. Please refer to https://github.com/tianocore/tianocore.github.io/wiki/Commit-Message-Format
Thanks @lgao4
I have updated the commit message. Can you please check again.
![mergify[bot] avatar](https://avatars.githubusercontent.com/in/10562?v=4 "Published by a pub.dev verified publisher"){kind=small}
requeue