From 1cc497f053c9345b78167840f5e4a48951db8268 Mon Sep 17 00:00:00 2001
From: Matthijs Lavrijsen
Date: Tue, 25 May 2021 21:08:07 +0200
Subject: EfiDSEFix: improve g_CiOptions address validation
- Verify expected lengths of instructions
- Verify CipInitialize is in PAGE
- Verify g_CiOptions is in either .data or CiPolicy
Fixes #31 (regression due to KB5003173 fix)
---
 Application/EfiDSEFix/src/pe.cpp | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
(limited to 'Application/EfiDSEFix/src/pe.cpp')
diff --git a/Application/EfiDSEFix/src/pe.cpp b/Application/EfiDSEFix/src/pe.cpp
index 2187537..97d2333 100644
--- a/Application/EfiDSEFix/src/pe.cpp
+++ b/Application/EfiDSEFix/src/pe.cpp
@@ -110,6 +110,35 @@ MapFileSectionView(
 return Status;
 }
 
+BOOLEAN
+AddressIsInSection(
+ _In_ PUCHAR ImageBase,
+ _In_ PUCHAR Address,
+ _In_ PIMAGE_NT_HEADERS NtHeaders,
+ _In_ PCCH SectionName
+ )
+{
+ if (ImageBase > Address)
+ return FALSE;
+ if (Address >= ImageBase + NtHeaders->OptionalHeader.SizeOfImage)
+ return FALSE;
+
+ const ULONG Rva = static_cast(static_cast(Address - ImageBase));
+ PIMAGE_SECTION_HEADER Section = IMAGE_FIRST_SECTION(NtHeaders);
+ const USHORT NumberOfSections = NtHeaders->FileHeader.NumberOfSections;
+ for (USHORT i = 0; i < NumberOfSections; ++i)
+ {
+ if (Section->VirtualAddress <= Rva &&
+ Section->VirtualAddress + Section->Misc.VirtualSize > Rva)
+ {
+ if (strncmp(reinterpret_cast(Section->Name), SectionName, IMAGE_SIZEOF_SHORT_NAME) == 0)
+ return TRUE;
+ }
+ Section++;
+ }
+ return FALSE;
+}
+
 PVOID
 GetProcedureAddress(
 _In_ ULONG_PTR DllBase,
-- cgit v1.2.3
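Review bot: The section-bounds test `Section->VirtualAddress + Section->Misc.VirtualSize > Rva` inside the loop adds two 32-bit header fields, so a section header with a large VirtualAddress or VirtualSize can wrap the sum and make the range test give the wrong answer; nothing in AddressIsInSection checks that the section itself lies within SizeOfImage. Because `Section->VirtualAddress <= Rva` is already established on the line before, the subtraction form `Rva - Section->VirtualAddress < Section->Misc.VirtualSize` expresses the same test and cannot wrap. The function also has no header comment: it should state that Address must point into the image mapped at ImageBase, that NtHeaders is assumed to describe that same image and is not validated here, and that SectionName is compared over at most IMAGE_SIZEOF_SHORT_NAME bytes so an unterminated 8-byte section name is handled.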