Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=535
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
---
BaseTools/Source/C/GenCrc32/GenCrc32.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/BaseTools/Source/C/GenCrc32/GenCrc32.c b/BaseTools/Source/C/GenCrc32/GenCrc32.c
index e1e11c6..5153587 100644
--- a/BaseTools/Source/C/GenCrc32/GenCrc32.c
+++ b/BaseTools/Source/C/GenCrc32/GenCrc32.c
@@ -1,9 +1,9 @@
/** @file
Calculate Crc32 value and Verify Crc32 value for input data.
-Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
@@ -78,11 +78,11 @@ Returns:
fprintf (stdout, "Usage: GenCrc32 -e|-d [options] <input_file>\n\n");
//
// Copyright declaration
//
- fprintf (stdout, "Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.\n\n");
+ fprintf (stdout, "Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.\n\n");
//
// Details Option
//
fprintf (stdout, "optional arguments:\n");
@@ -324,10 +324,14 @@ Returns:
VerboseMsg ("the size of the encoded file is %u bytes", (unsigned) FileSize + sizeof (UINT32));
} else {
//
// Verify Crc32 Value
//
+ if (FileSize < sizeof (UINT32)) {
+ Error (NULL, 0, 3000, "Invalid", "Input file is invalid!");
+ goto Finish;
+ }
Status = CalculateCrc32 (FileBuffer + sizeof (UINT32), FileSize - sizeof (UINT32), &Crc32Value);
if (Status != EFI_SUCCESS) {
Error (NULL, 0, 3000, "Invalid", "Calculate CRC32 value failed!");
goto Finish;
}
--
2.6.1.windows.1
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel