mirror of
https://github.com/LongSoft/UEFITool.git
synced 2024-10-18 04:30:33 -04:00
Version 0.17.6
- corrected extended firmware volume header handling - corrected a rare crash on trying to decompress EFI11-compressed sections with TianoDecompress routine
This commit is contained in:
Nikolaj Schlej
parent
b3c9466f58
commit
7b2976d92c
2 changed files with 24 additions and 5 deletions
|
|
@ -255,10 +255,14 @@ for (Char = 0; Char < NumOfChar; Char++) {
|
|||
|
||||
NextCode = (UINT16) (Start[Len] + Weight[Len]);
|
||||
|
||||
if (Len <= TableBits) {
|
||||
if (Len <= TableBits) {
|
||||
|
||||
for (Index = Start[Len]; Index < NextCode; Index++) {
|
||||
Table[Index] = Char;
|
||||
// Check to prevent possible heap corruption
|
||||
if (Index >= (UINT16) (1U << TableBits))
|
||||
return (UINT16)BAD_TABLE;
|
||||
|
||||
Table[Index] = Char;
|
||||
}
|
||||
|
||||
} else {
|
||||
|
|
@ -643,7 +647,11 @@ for (;;) {
|
|||
BytesRemain = CharC;
|
||||
|
||||
DataIdx = Sd->mOutBuf - DecodeP (Sd) - 1;
|
||||
|
||||
if (DataIdx >= Sd->mOrigSize) {
|
||||
Sd->mBadTableFlag = 1;
|
||||
return;
|
||||
}
|
||||
|
||||
BytesRemain--;
|
||||
while ((INT16) (BytesRemain) >= 0) {
|
||||
Sd->mDstBase[Sd->mOutBuf++] = Sd->mDstBase[DataIdx++];
|
||||
|
|
|
|||
|
|
@ -671,13 +671,16 @@ UINT8 FfsEngine::parseVolume(const QByteArray & volume, QModelIndex & index, co
|
|||
// Calculate volume header size
|
||||
UINT32 headerSize;
|
||||
if (volumeHeader->Revision > 1 && volumeHeader->ExtHeaderOffset) {
|
||||
EFI_FIRMWARE_VOLUME_EXT_HEADER* extendedHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER*)((UINT8*)volumeHeader + volumeHeader->ExtHeaderOffset);
|
||||
EFI_FIRMWARE_VOLUME_EXT_HEADER* extendedHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER*)(volume.constData() + volumeHeader->ExtHeaderOffset);
|
||||
headerSize = volumeHeader->ExtHeaderOffset + extendedHeader->ExtHeaderSize;
|
||||
}
|
||||
else {
|
||||
headerSize = volumeHeader->HeaderLength;
|
||||
}
|
||||
|
||||
// Sanity check after some new crazy MSI images
|
||||
headerSize = ALIGN8(headerSize);
|
||||
|
||||
// Check for volume structure to be known
|
||||
// Default volume subtype is "normal"
|
||||
UINT8 subtype = Subtypes::NormalVolume;
|
||||
|
|
@ -737,7 +740,14 @@ UINT8 FfsEngine::parseVolume(const QByteArray & volume, QModelIndex & index, co
|
|||
.arg(volumeSize, 8, 16, QChar('0'))
|
||||
.arg(volumeHeader->Revision)
|
||||
.arg(volumeHeader->Attributes, 8, 16, QChar('0'))
|
||||
.arg(volumeHeader->HeaderLength, 4, 16, QChar('0'));
|
||||
.arg(headerSize, 4, 16, QChar('0'));
|
||||
// Extended header present
|
||||
if (volumeHeader->Revision > 1 && volumeHeader->ExtHeaderOffset) {
|
||||
EFI_FIRMWARE_VOLUME_EXT_HEADER* extendedHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER*)(volume.constData() + volumeHeader->ExtHeaderOffset);
|
||||
info += tr("\nExtended header size: %1\nVolume name: %2")
|
||||
.arg(extendedHeader->ExtHeaderSize, 8, 16, QChar('0'))
|
||||
.arg(guidToQString(extendedHeader->FvName));
|
||||
}
|
||||
|
||||
// Add tree item
|
||||
QByteArray header = volume.left(headerSize);
|
||||
|
|
@ -1685,6 +1695,7 @@ UINT8 FfsEngine::decompress(const QByteArray & compressedData, const UINT8 compr
|
|||
scratch = new UINT8[scratchSize];
|
||||
|
||||
// Decompress section data
|
||||
//TODO: separate EFI1.1 from Tiano another way
|
||||
// Try Tiano decompression first
|
||||
if (ERR_SUCCESS != TianoDecompress(data, dataSize, decompressed, decompressedSize, scratch, scratchSize)) {
|
||||
// Not Tiano, try EFI 1.1
|
||||
|
|
|
|||
Loading…
Reference in a new issue