From: "Laszlo Ersek"
To: edk2-devel-groups-io
Cc: Liming Gao, Michael D Kinney
Subject: [PATCH v2 4/5] MdePkg/PiFirmwareFile: fix undefined behavior in FFS_FILE_SIZE
Date: Thu, 18 Apr 2019 19:47:09 +0200
Message-Id: <20190418174710.12236-5-lersek@redhat.com>
In-Reply-To: <20190418174710.12236-1-lersek@redhat.com>
References: <20190418174710.12236-1-lersek@redhat.com>

Accessing "EFI_FFS_FILE_HEADER.Size", which is of type UINT8[3], through a (UINT32*), is undefined behavior. Fix it by accessing the array elements individually.

Cc: Liming Gao
Cc: Michael D Kinney
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1710
Signed-off-by: Laszlo Ersek
---

Notes:
    v2:

    - eliminate intermediate macros [Mike]

 MdePkg/Include/Pi/PiFirmwareFile.h | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/MdePkg/Include/Pi/PiFirmwareFile.h b/MdePkg/Include/Pi/PiFir= mwareFile.h index 05470538de42..ec7729e9c36e 100644
--- a/MdePkg/Include/Pi/PiFirmwareFile.h +++ b/MdePkg/Include/Pi/PiFirmwareFile.h @@ -179,8 +179,15 @@ typedef struct { #define IS_FFS_FILE2(FfsFileHeaderPtr) \ (((((EFI_FFS_FILE_HEADER *) (UINTN) FfsFileHeaderPtr)->Attributes) &= FFS_ATTRIB_LARGE_FILE) =3D=3D FFS_ATTRIB_LARGE_FILE) =20 -#define FFS_FILE_SIZE(FfsFileHeaderPtr) \ - ((UINT32) (*((UINT32 *) ((EFI_FFS_FILE_HEADER *) (UINTN) FfsFileHead= erPtr)->Size) & 0x00ffffff)) +/// +/// The argument passed as the FfsFileHeaderPtr parameter to the +/// FFS_FILE_SIZE() function-like macro below must not have side effects= : +/// FfsFileHeaderPtr is evaluated multiple times. +/// +#define FFS_FILE_SIZE(FfsFileHeaderPtr) ((UINT32) ( \ + (((EFI_FFS_FILE_HEADER *) (UINTN) (FfsFileHeaderPtr))->Size[0] = ) | \ + (((EFI_FFS_FILE_HEADER *) (UINTN) (FfsFileHeaderPtr))->Size[1] << 8= ) | \ + (((EFI_FFS_FILE_HEADER *) (UINTN) (FfsFileHeaderPtr))->Size[2] << 16= ))) =20 #define FFS_FILE2_SIZE(FfsFileHeaderPtr) \ ((UINT32) (((EFI_FFS_FILE_HEADER2 *) (UINTN) FfsFileHeaderPtr)->Exte= ndedSize)) --=20 2.19.1.3.g30247aa5d201
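Review bot: In the new FFS_FILE_SIZE body, the Size[1] << 8 and Size[2] << 16 terms shift a UINT8 element that has been promoted to int, so the arithmetic is signed until the outer (UINT32) cast is applied. The result is well-defined as written, because a byte shifted left by 16 cannot reach the sign bit, but casting each element to UINT32 before its shift would keep the whole expression unsigned and would stay safe if the pattern is ever copied for a fourth byte with << 24. Separately, the new macro parenthesizes (FfsFileHeaderPtr) while the unchanged IS_FFS_FILE2 and FFS_FILE2_SIZE in the context lines still use the bare parameter after the (UINTN) cast; aligning those would avoid surprises when a caller passes an expression such as Ptr + 1.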