[PATCH EDK2 v1 0/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

* [PATCH EDK2 v1 0/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow
@ 2020-11-19  9:27 wenyi,xie
  2020-11-19  9:27 ` [PATCH EDK2 v1 1/1] " wenyi,xie
  0 siblings, 1 reply; 3+ messages in thread
From: wenyi,xie @ 2020-11-19  9:27 UTC (permalink / raw)
  To: devel, michael.d.kinney, gaoliming, zhiguang.liu; +Cc: songdongkuang, xiewenyi2

Main Changes :
add conditional operator to check whether the HstiSize is larger than
sizeof(CHAR16). If not, setting offset to 0 to avoid overflow.

Wenyi Xie (1):
  MdePkg/DxeHstiLib: avoid Hsti offset overflow

 MdePkg/Library/DxeHstiLib/HstiDxe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.20.1.windows.1


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH EDK2 v1 1/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow
  2020-11-19  9:27 [PATCH EDK2 v1 0/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow wenyi,xie
@ 2020-11-19  9:27 ` wenyi,xie
  2020-11-20  6:05   ` 回复: " gaoliming
  0 siblings, 1 reply; 3+ messages in thread
From: wenyi,xie @ 2020-11-19  9:27 UTC (permalink / raw)
  To: devel, michael.d.kinney, gaoliming, zhiguang.liu; +Cc: songdongkuang, xiewenyi2

add conditional operator to check whether the HstiSize is larger than
sizeof(CHAR16). If not, setting offset to 0 to avoid overflow.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Wenyi Xie <xiewenyi2@huawei.com>
---
 MdePkg/Library/DxeHstiLib/HstiDxe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MdePkg/Library/DxeHstiLib/HstiDxe.c b/MdePkg/Library/DxeHstiLib/HstiDxe.c
index 4e1c67616b01..f04e6f13b7e5 100644
--- a/MdePkg/Library/DxeHstiLib/HstiDxe.c
+++ b/MdePkg/Library/DxeHstiLib/HstiDxe.c
@@ -519,7 +519,7 @@ InternalHstiRecordErrorString (
   }
 
   if (Append) {
-    Offset = HstiSize - sizeof(CHAR16);
+    Offset = (HstiSize >= sizeof(CHAR16)) ? (HstiSize - sizeof(CHAR16)) : 0;
   } else {
     Offset = sizeof(ADAPTER_INFO_PLATFORM_SECURITY) + Hsti->SecurityFeaturesSize * 3;
   }
-- 
2.20.1.windows.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* 回复: [PATCH EDK2 v1 1/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow
  2020-11-19  9:27 ` [PATCH EDK2 v1 1/1] " wenyi,xie
@ 2020-11-20  6:05   ` gaoliming
  0 siblings, 0 replies; 3+ messages in thread
From: gaoliming @ 2020-11-20  6:05 UTC (permalink / raw)
  To: 'Wenyi Xie', devel, michael.d.kinney, zhiguang.liu; +Cc: songdongkuang

Wenyi:
  HstiSize is the size of Hsti. Hsti points to the structure
ADAPTER_INFO_PLATFORM_SECURITY. 
  So, HstiSize should be larger than sizeof
(ADAPTER_INFO_PLATFORM_SECURITY). 

  If this checker is required, it needs to be added into
InternalHstiFindAip() after Hsti is got from GetInformation().

Thanks
Liming
> -----邮件原件-----
> 发件人: Wenyi Xie <xiewenyi2@huawei.com>
> 发送时间: 2020年11月19日 17:27
> 收件人: devel@edk2.groups.io; michael.d.kinney@intel.com;
> gaoliming@byosoft.com.cn; zhiguang.liu@intel.com
> 抄送: songdongkuang@huawei.com; xiewenyi2@huawei.com
> 主题: [PATCH EDK2 v1 1/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow
> 
> add conditional operator to check whether the HstiSize is larger than
> sizeof(CHAR16). If not, setting offset to 0 to avoid overflow.
> 
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> Signed-off-by: Wenyi Xie <xiewenyi2@huawei.com>
> ---
>  MdePkg/Library/DxeHstiLib/HstiDxe.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/MdePkg/Library/DxeHstiLib/HstiDxe.c
> b/MdePkg/Library/DxeHstiLib/HstiDxe.c
> index 4e1c67616b01..f04e6f13b7e5 100644
> --- a/MdePkg/Library/DxeHstiLib/HstiDxe.c
> +++ b/MdePkg/Library/DxeHstiLib/HstiDxe.c
> @@ -519,7 +519,7 @@ InternalHstiRecordErrorString (
>    }
> 
>    if (Append) {
> -    Offset = HstiSize - sizeof(CHAR16);
> +    Offset = (HstiSize >= sizeof(CHAR16)) ? (HstiSize - sizeof(CHAR16)) :
0;
>    } else {
>      Offset = sizeof(ADAPTER_INFO_PLATFORM_SECURITY) +
> Hsti->SecurityFeaturesSize * 3;
>    }
> --
> 2.20.1.windows.1




^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2020-11-20  6:05 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-11-19  9:27 [PATCH EDK2 v1 0/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow wenyi,xie
2020-11-19  9:27 ` [PATCH EDK2 v1 1/1] " wenyi,xie
2020-11-20  6:05   ` 回复: " gaoliming

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox