FmpDevicePkg/FmpDependencyLib: Handle version string overflow

This change recognizes the condition of the DEPEX version string extending beyond the end of the dependency expression as an error. Cc: Liming Gao <[email protected]> Cc: Michael D Kinney <[email protected]> Cc: Guomin Jiang <[email protected]> Cc: Wei6 Xu <[email protected]> Signed-off-by: Michael Kubacki <[email protected]> Reviewed-by: Michael D Kinney <[email protected]> Reviewed-by: Guomin Jiang <[email protected]> Reviewed-by: Wei6 Xu <[email protected]>
tacerus · Aug 7, 2020 · 8665226 · 8665226
1 parent c2db6a8
commit 8665226
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.c b/FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.c
@@ -286,6 +286,7 @@ EvaluateDependency (
       Iterator += AsciiStrnLenS ((CHAR8 *) Iterator, DependenciesSize - (Iterator - Dependencies->Dependencies));
       if (Iterator == (UINT8 *) Dependencies->Dependencies + DependenciesSize) {
         DEBUG ((DEBUG_ERROR, "EvaluateDependency: STRING extends beyond end of dependency expression!\n"));
+        goto Error;
       }
       break;
     case EFI_FMP_DEP_AND: