From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=pass header.i=@armh.onmicrosoft.com header.s=selector2-armh-onmicrosoft-com header.b=tFB1pXIc; spf=pass (domain: arm.com, ip: 40.107.3.64, mailfrom: krzysztof.koch@arm.com) Received: from EUR03-AM5-obe.outbound.protection.outlook.com (EUR03-AM5-obe.outbound.protection.outlook.com [40.107.3.64]) by groups.io with SMTP; Thu, 11 Jul 2019 23:53:27 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5K5cFWnQm9uWirZMPKRGFzYb/YzGQJjMC5b1/8g0P50=; b=tFB1pXIczdIbFRhrPZvWQQhf4YkwdlBhb+Wv4r/TKsIwNqvxNSQEEpKliIkx2CMJJ2M56CyWSg0oEluj6EcRwMWQqc9x7LpRvzLaMJ2sgw0vaAmIrvHnydVrw4mCvbOQsb6DzrGoMXcengmweYmMpk0LYNPNALBLIBoHBlBKc14= Received: from HE1PR08CA0073.eurprd08.prod.outlook.com (2603:10a6:7:2a::44) by DB8PR08MB4954.eurprd08.prod.outlook.com (2603:10a6:10:bf::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2052.18; Fri, 12 Jul 2019 06:53:24 +0000 Received: from VE1EUR03FT064.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e09::206) by HE1PR08CA0073.outlook.office365.com (2603:10a6:7:2a::44) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2073.14 via Frontend Transport; Fri, 12 Jul 2019 06:53:23 +0000 Authentication-Results: spf=temperror (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=temperror action=none header.from=arm.com; Received-SPF: TempError (protection.outlook.com: error in processing during lookup of arm.com: DNS Timeout) Received: from nebula.arm.com (40.67.248.234) by VE1EUR03FT064.mail.protection.outlook.com (10.152.19.210) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.20.2052.18 via Frontend Transport; Fri, 12 Jul 2019 06:53:22 +0000 Received: from AZ-NEU-EX01.Emea.Arm.com (10.251.26.4) by AZ-NEU-EX03.Arm.com (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1415.2; Fri, 12 Jul 2019 06:53:19 +0000 Received: from AZ-NEU-EX03.Arm.com (10.251.24.31) by AZ-NEU-EX01.Emea.Arm.com (10.251.26.4) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1415.2; Fri, 12 Jul 2019 06:53:19 +0000 Received: from E119924.Arm.com (10.37.8.167) by mail.arm.com (10.251.24.31) with Microsoft SMTP Server id 15.1.1415.2 via Frontend Transport; Fri, 12 Jul 2019 06:53:19 +0000 From: "Krzysztof Koch" To: CC: , , , , , Subject: [PATCH v1 05/11] ShellPkg: acpiview: SLIT: Add error-checking in the parsing logic Date: Fri, 12 Jul 2019 07:52:37 +0100 Message-ID: <20190712065243.3812-6-krzysztof.koch@arm.com> X-Mailer: git-send-email 2.16.2.windows.1 In-Reply-To: <20190712065243.3812-1-krzysztof.koch@arm.com> References: <20190712065243.3812-1-krzysztof.koch@arm.com> Return-Path: Krzysztof.Koch@arm.com MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report: CIP:40.67.248.234;IPV:NLI;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(39860400002)(136003)(346002)(376002)(396003)(2980300002)(199004)(189003)(47776003)(2351001)(51416003)(76176011)(53936002)(6916009)(126002)(26005)(966005)(16586007)(316002)(186003)(54906003)(486006)(7696005)(2616005)(476003)(1076003)(8676002)(6306002)(63370400001)(63350400001)(426003)(336012)(53416004)(11346002)(70586007)(50226002)(478600001)(70206006)(86362001)(48376002)(36756003)(5660300002)(446003)(305945005)(50466002)(6666004)(4326008)(14444005)(356004)(68736007)(8936002)(81166006)(81156014)(44832011)(2906002);DIR:OUT;SFP:1101;SCL:1;SRVR:DB8PR08MB4954;H:nebula.arm.com;FPR:;SPF:TempError;LANG:en;PTR:InfoDomainNonexistent;A:1;MX:1; X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 0772ef94-c092-4d12-65e1-08d70695a15f X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328);SRVR:DB8PR08MB4954; X-MS-TrafficTypeDiagnostic: DB8PR08MB4954: X-MS-Exchange-PUrlCount: 1 X-Microsoft-Antispam-PRVS: NoDisclaimer: True X-MS-Oob-TLC-OOBClassifiers: OLM:2000; X-Forefront-PRVS: 00963989E5 X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: BUQjvZHsggh1HBCPLiVGIY9K1LozOOGmW7+bWzfn10J/io8VxYjjjFKmPZtcZjtcbl7gKVIenCX9ouO5r+GxWR57+vtTJN1l8FzPfJCVtYFlfI8dVDKlCO0fthEi6uFCfd6km6teTu5dLDN8TrXgUZTINF3/Pgb7YBamjV4Z+q+QiSCmk17In+ZbtzrVKU3MBpYWA1HVoXn/Z478nAjKdeodzFG95EH7Rr3VVJ+BlV2v139Y8FQaNSYidmm2ZZLQsV88M5Pi5AfAenXvZOHCVndTi2VONLhPIZ5IMyLQ83UE/iy6hLrnrNjYNjPniI1Vm+mILvWAXiMY5evMdyz6nkxVdzdkd2RwJfCnWYrnUTXJrM7ljsrgXnOh04sCOak+oT2gkFknedgRd2T5DhycQyJv66XeaYb5X45apxNyTYo= X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Jul 2019 06:53:22.1920 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 0772ef94-c092-4d12-65e1-08d70695a15f X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[40.67.248.234];Helo=[nebula.arm.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR08MB4954 Content-Type: text/plain 1. Check if the global pointers (in the scope of this ACPI table parser) have been successfully updated before they are later used to control the parsing logic. 2. Test against buffer overruns. 3. Allow silencing ACPI table content validation errors which do not cause table parsing to fail. 4. Check if the 'Number of System Localities' provided can be represented in a SLIT table. The table 'Length' field is a 32-bit value while the 'Number of System Localities' is a 64-bit value. Signed-off-by: Krzysztof Koch --- Changes can be seen at: https://github.com/KrzysztofKoch1/edk2/commit/2f1ffd1a74d06c23c01971be965d856f0a0e3ac4 Notes: v1: - improve the logic in the SLIT parser [Krzysztof] ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Slit/SlitParser.c | 115 ++++++++++++++------ 1 file changed, 83 insertions(+), 32 deletions(-) diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Slit/SlitParser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Slit/SlitParser.c index 1f9dac66eea5b0f4366a7a9584ac6702a74beaac..dd5f039b67326acc710ee703a6b132a1e280dcaa 100644 --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Slit/SlitParser.c +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Slit/SlitParser.c @@ -1,7 +1,7 @@ /** @file SLIT table parser - Copyright (c) 2016 - 2018, ARM Limited. All rights reserved. + Copyright (c) 2016 - 2019, ARM Limited. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @par Reference(s): @@ -13,6 +13,7 @@ #include #include "AcpiParser.h" #include "AcpiTableParser.h" +#include "AcpiView.h" // Local Variables STATIC CONST UINT64* SlitSystemLocalityCount; @@ -59,7 +60,7 @@ ParseAcpiSlit ( UINT32 Offset; UINT64 Count; UINT64 Index; - UINT64 LocalityCount; + UINT32 LocalityCount; UINT8* LocalityPtr; CHAR16 Buffer[80]; // Used for AsciiName param of ParseAcpi @@ -77,7 +78,55 @@ ParseAcpiSlit ( ); LocalityPtr = Ptr + Offset; - LocalityCount = *SlitSystemLocalityCount; + // Check if the values used to control the parsing logic have been + // successfully read. + if (SlitSystemLocalityCount == NULL) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient table length. AcpiTableLength = %d.\n", + AcpiTableLength + ); + return; + } + + /* + Despite the 'Number of System Localities' being a 64-bit field in SLIT, + the maximum number of localities that can be represented in SLIT is limited + by the 'Length' field of the ACPI table. + + Since the ACPI table length field is 32-bit wide. The maximum number of + localities that can be represented in SLIT can be calculated as: + + MaxLocality = sqrt (MAX_UINT32 - sizeof (EFI_ACPI_6_3_SYSTEM_LOCALITY_DISTANCE_INFORMATION_TABLE_HEADER)) + = 65535 + = MAX_UINT16 + */ + if (*SlitSystemLocalityCount > MAX_UINT16) { + IncrementErrorCount (); + Print ( + L"ERROR: The Number of System Localities provided can't be represented " \ + L"in the SLIT table. SlitSystemLocalityCount = %ld. " \ + L"MaxLocalityCountAllowed = %d.\n", + *SlitSystemLocalityCount, + MAX_UINT16 + ); + return; + } + + LocalityCount = (UINT32)*SlitSystemLocalityCount; + + // Make sure system localities fit in the table buffer provided + if (Offset + (LocalityCount * LocalityCount) > AcpiTableLength) { + IncrementErrorCount (); + Print ( + L"ERROR: Invalid Number of System Localities. " \ + L"SlitSystemLocalityCount = %ld. AcpiTableLength = %d.\n", + *SlitSystemLocalityCount, + AcpiTableLength + ); + return; + } + // We only print the Localities if the count is less than 16 // If the locality count is more than 16 then refer to the // raw data dump. @@ -96,7 +145,7 @@ ParseAcpiSlit ( Print (L" (%3d) ", Index); } Print (L"\n"); - for (Count = 0; Count< LocalityCount; Count++) { + for (Count = 0; Count < LocalityCount; Count++) { Print (L" (%3d) ", Count); for (Index = 0; Index < LocalityCount; Index++) { Print (L" %3d ", SLIT_ELEMENT (LocalityPtr, Count, Index)); @@ -106,34 +155,36 @@ ParseAcpiSlit ( } // Validate - for (Count = 0; Count < LocalityCount; Count++) { - for (Index = 0; Index < LocalityCount; Index++) { - // Element[x][x] must be equal to 10 - if ((Count == Index) && (SLIT_ELEMENT (LocalityPtr, Count,Index) != 10)) { - IncrementErrorCount (); - Print ( - L"ERROR: Diagonal Element[0x%lx][0x%lx] (%3d)." - L" Normalized Value is not 10\n", - Count, - Index, - SLIT_ELEMENT (LocalityPtr, Count, Index) - ); - } - // Element[i][j] must be equal to Element[j][i] - if (SLIT_ELEMENT (LocalityPtr, Count, Index) != - SLIT_ELEMENT (LocalityPtr, Index, Count)) { - IncrementErrorCount (); - Print ( - L"ERROR: Relative distances for Element[0x%lx][0x%lx] (%3d) and \n" - L"Element[0x%lx][0x%lx] (%3d) do not match.\n", - Count, - Index, - SLIT_ELEMENT (LocalityPtr, Count, Index), - Index, - Count, - SLIT_ELEMENT (LocalityPtr, Index, Count) - ); + if (GetConsistencyChecking ()) { + for (Count = 0; Count < LocalityCount; Count++) { + for (Index = 0; Index < LocalityCount; Index++) { + // Element[x][x] must be equal to 10 + if ((Count == Index) && (SLIT_ELEMENT (LocalityPtr, Count,Index) != 10)) { + IncrementErrorCount (); + Print ( + L"ERROR: Diagonal Element[0x%lx][0x%lx] (%3d)." + L" Normalized Value is not 10\n", + Count, + Index, + SLIT_ELEMENT (LocalityPtr, Count, Index) + ); + } + // Element[i][j] must be equal to Element[j][i] + if (SLIT_ELEMENT (LocalityPtr, Count, Index) != + SLIT_ELEMENT (LocalityPtr, Index, Count)) { + IncrementErrorCount (); + Print ( + L"ERROR: Relative distances for Element[0x%lx][0x%lx] (%3d) and \n" + L"Element[0x%lx][0x%lx] (%3d) do not match.\n", + Count, + Index, + SLIT_ELEMENT (LocalityPtr, Count, Index), + Index, + Count, + SLIT_ELEMENT (LocalityPtr, Index, Count) + ); + } } } - } + } // if (GetConsistencyChecking ()) } -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'