From: "Krzysztof Koch" <krzysztof.koch@arm.com>
To: <devel@edk2.groups.io>
Cc: <jaben.carsey@intel.com>, <ray.ni@intel.com>,
<zhichao.gao@intel.com>, <Sami.Mujawar@arm.com>,
<Matteo.Carlini@arm.com>, <nd@arm.com>
Subject: [PATCH v1 00/11] Add security checks in the Acpiview table parsers
Date: Fri, 12 Jul 2019 07:52:32 +0100 [thread overview]
Message-ID: <20190712065243.3812-1-krzysztof.koch@arm.com> (raw)
The following patches modify existing ACPI table parsers to add checks which
prevent many potential security issues. These include:
1. Entering infinite loops when ACPI structure lengths are zero.
2. Use of pointers which failed to be initialized because of invalid ACPI
table/structure lengths.
3. Buffer overruns caused by structures which have a too large value of the
'Length' field given the size of the buffer in which they are located.
Other changes added in this patchset include:
1. Removal of redundant forward STATIC function declarations for reducing
the code size.
2. Extension of the use of the -q flag to make ACPI table content validation
optional. ACPI table content consistency checks which do not affect the flow
control in the parsing logic can now be disabled. The remaining validation
checks are enforced as they also prevent the security issues listed above.
Changes can be seen at: https://github.com/KrzysztofKoch1/edk2/tree/612_enhance_parser_logic_v1
Krzysztof Koch (11):
ShellPkg: acpiview: FADT: Validate global pointers before use
ShellPkg: acpiview: SPCR: Remove redundant forward declaration
ShellPkg: acpiview: RSDP: Make printing table checksum optional
ShellPkg: acpiview: XSDT: Remove redundant ParseAcpi() call
ShellPkg: acpiview: SLIT: Add error-checking in the parsing logic
ShellPkg: acpiview: SRAT: Add error-checking in the parsing logic
ShellPkg: acpiview: MADT: Add error-checking in the parsing logic
ShellPkg: acpiview: PPTT: Add error-checking in the parsing logic
ShellPkg: acpiview: IORT: Add error-checking in the parsing logic
ShellPkg: acpiview: GTDT: Add error-checking in the parsing logic
ShellPkg: acpiview: DBG2: Add error-checking in the parsing logic
ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c | 26 +-
ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.h | 8 +-
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c | 298 +++++++++-----
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Fadt/FadtParser.c | 131 +++---
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c | 294 ++++++++------
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Iort/IortParser.c | 419 +++++++++++++-------
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c | 187 ++++-----
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Pptt/PpttParser.c | 95 ++++-
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Rsdp/RsdpParser.c | 144 ++++---
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Slit/SlitParser.c | 115 ++++--
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Spcr/SpcrParser.c | 98 ++---
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Srat/SratParser.c | 113 +++---
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Xsdt/XsdtParser.c | 22 +-
13 files changed, 1150 insertions(+), 800 deletions(-)
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
next reply other threads:[~2019-07-12 6:53 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-12 6:52 Krzysztof Koch [this message]
2019-07-12 6:52 ` [PATCH v1 01/11] ShellPkg: acpiview: FADT: Validate global pointers before use Krzysztof Koch
2019-07-12 14:26 ` Carsey, Jaben
2019-07-17 13:38 ` [edk2-devel] " Krzysztof Koch
2019-07-19 1:21 ` Gao, Zhichao
2019-07-12 6:52 ` [PATCH v1 02/11] ShellPkg: acpiview: SPCR: Remove redundant forward declaration Krzysztof Koch
2019-07-17 9:42 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 03/11] ShellPkg: acpiview: RSDP: Make printing table checksum optional Krzysztof Koch
2019-07-17 9:41 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 04/11] ShellPkg: acpiview: XSDT: Remove redundant ParseAcpi() call Krzysztof Koch
2019-07-17 9:41 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 05/11] ShellPkg: acpiview: SLIT: Add error-checking in the parsing logic Krzysztof Koch
2019-07-17 9:42 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 06/11] ShellPkg: acpiview: SRAT: " Krzysztof Koch
2019-07-17 9:41 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 07/11] ShellPkg: acpiview: MADT: " Krzysztof Koch
2019-07-17 9:40 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 08/11] ShellPkg: acpiview: PPTT: " Krzysztof Koch
2019-07-17 9:40 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 09/11] ShellPkg: acpiview: IORT: " Krzysztof Koch
2019-07-17 9:40 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 10/11] ShellPkg: acpiview: GTDT: " Krzysztof Koch
2019-07-17 9:39 ` [edk2-devel] " Alexei Fedorov
2019-07-12 6:52 ` [PATCH v1 11/11] ShellPkg: acpiview: DBG2: " Krzysztof Koch
2019-07-17 9:39 ` [edk2-devel] " Alexei Fedorov
2019-07-19 5:39 ` Gao, Zhichao
2019-07-17 9:42 ` [edk2-devel] [PATCH v1 00/11] Add security checks in the Acpiview table parsers Alexei Fedorov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190712065243.3812-1-krzysztof.koch@arm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox