From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@armh.onmicrosoft.com header.s=selector2-armh-onmicrosoft-com header.b=ZvhE2603;
 spf=pass (domain: arm.com, ip: 40.107.15.83, mailfrom: krzysztof.koch@arm.com)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (EUR01-DB5-obe.outbound.protection.outlook.com [40.107.15.83])
 by groups.io with SMTP; Thu, 01 Aug 2019 01:44:55 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com;
 s=selector2-armh-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=YufE/O+5YlFa96Q5PVYGh+HW1JHTt0HeiJnTH6jP0Yw=;
 b=ZvhE2603pScYj666ngVAcNZw9fIW1twcnFCmKLDX3bfufJfGu3Ey9KQhik92EP/httA17ektRjJg757MCsDXkJGwq5a2PdPxmdXlqx5fHpwktEsQKJDfi9vCUpOK+Gej9CRMblIcvJLBoq+nIUEyjTh21AbaSEzijeUxUCB7WWg=
Received: from VI1PR08CA0203.eurprd08.prod.outlook.com (2603:10a6:800:d2::33)
 by AM6PR08MB4950.eurprd08.prod.outlook.com (2603:10a6:20b:e1::15) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2115.14; Thu, 1 Aug
 2019 08:44:50 +0000
Received: from DB5EUR03FT060.eop-EUR03.prod.protection.outlook.com
 (2a01:111:f400:7e0a::200) by VI1PR08CA0203.outlook.office365.com
 (2603:10a6:800:d2::33) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2136.16 via Frontend
 Transport; Thu, 1 Aug 2019 08:44:50 +0000
Authentication-Results: spf=temperror (sender IP is 63.35.35.123)
 smtp.mailfrom=arm.com; edk2.groups.io; dkim=pass (signature was verified)
 header.d=armh.onmicrosoft.com;edk2.groups.io; dmarc=temperror action=none
 header.from=arm.com;
Received-SPF: TempError (protection.outlook.com: error in processing during
 lookup of arm.com: DNS Timeout)
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by
 DB5EUR03FT060.mail.protection.outlook.com (10.152.21.231) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id
 15.20.2052.18 via Frontend Transport; Thu, 1 Aug 2019 08:44:48 +0000
Received: ("Tessian outbound cc8a947d4660:v26"); Thu, 01 Aug 2019 08:44:48 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: 3e6760ba91f5e74c
X-CR-MTA-TID: 64aa7808
Received: from c4f05d6a3f09.1 (ip-172-16-0-2.eu-west-1.compute.internal [104.47.9.58])
	by 64aa7808-outbound-1.mta.getcheckrecipient.com id DBF61013-C564-44F4-A371-65988AB0F2F5.1;
	Thu, 01 Aug 2019 08:44:43 +0000
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-ve1eur03lp2058.outbound.protection.outlook.com [104.47.9.58])
    by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id c4f05d6a3f09.1
    (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384);
    Thu, 01 Aug 2019 08:44:43 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=cAB3FEF9sARjIV12bJ5cY0TAF/X9MQi4lCCU4fXNW1msGweLxg5fiOCe+WEwAgYIxLtQK9kSyqUNWd8uRVYoZIudnjnyvV5PA5NUozWsJrztM3elHYtSguln5V8qyvrMtEOL2Mu/lUemJ+4JnBH9/yBkZMbXDEdBUnOYXG49/ALyIgJP14APwwcbw5fBp59LgvF5m0TXIe0962Dw/NQYc2mnL0g6oCgsse0gRjy5rUePSrJ8m/mNhSc3hpUJL/Cfv8IjcVdZKVIoDttZcMZMFZltayLSSpaqUoWxTzCh26BhS2rudI9/PfSrTQImZFtwN9JjFALCtLeZbUzuXmaYoQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=YufE/O+5YlFa96Q5PVYGh+HW1JHTt0HeiJnTH6jP0Yw=;
 b=cWwxuRiIq2pb2LC4i579zoJWqsTNGxbrweXpMw0OlELackXqo9lcWZR2/+LeAXKy1vpf+Pbwq0p9IIyx2i2m3JpQwz2OB/hOQ4z0fB+fQQ4JA55K1zIEcJwDbJm+TpxxabuptuNbJHMxwKcr9g/TiQq3tW2u2Yw6HL7QYeXjiFkGkihlWcUANhxgVYxrQDnfDZ2VWaUsF4IjJujUIb+Ub2ANds2cZZcY3oWSz8k8MkqfmBR7Ntea26lbvBgGnSqWGqwAjxhJuUePXs14pqGcf4n0ZvI/bcgfPiVbBvEyCoLghqv25DfMmMJB2IjiLc/23kmyFfSVGGFCDjOC/kQeoQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=temperror (sender ip
 is 40.67.248.234) smtp.rcpttodomain=edk2.groups.io
 smtp.mailfrom=arm.com;dmarc=temperror action=none
 header.from=arm.com;dkim=none (message not signed);arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com;
 s=selector2-armh-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=YufE/O+5YlFa96Q5PVYGh+HW1JHTt0HeiJnTH6jP0Yw=;
 b=ZvhE2603pScYj666ngVAcNZw9fIW1twcnFCmKLDX3bfufJfGu3Ey9KQhik92EP/httA17ektRjJg757MCsDXkJGwq5a2PdPxmdXlqx5fHpwktEsQKJDfi9vCUpOK+Gej9CRMblIcvJLBoq+nIUEyjTh21AbaSEzijeUxUCB7WWg=
Received: from VI1PR08CA0176.eurprd08.prod.outlook.com (2603:10a6:800:d1::30)
 by VI1PR0801MB1853.eurprd08.prod.outlook.com (2603:10a6:800:5a::22) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.16; Thu, 1 Aug
 2019 08:44:40 +0000
Received: from VE1EUR03FT036.eop-EUR03.prod.protection.outlook.com
 (2a01:111:f400:7e09::204) by VI1PR08CA0176.outlook.office365.com
 (2603:10a6:800:d1::30) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.12 via Frontend
 Transport; Thu, 1 Aug 2019 08:44:40 +0000
Authentication-Results-Original: spf=temperror (sender IP is 40.67.248.234)
 smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=temperror action=none
 header.from=arm.com;
Received-SPF: TempError (protection.outlook.com: error in processing during
 lookup of arm.com: DNS Timeout)
Received: from nebula.arm.com (40.67.248.234) by
 VE1EUR03FT036.mail.protection.outlook.com (10.152.19.204) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.20.2052.18 via Frontend Transport; Thu, 1 Aug 2019 08:44:37 +0000
Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by AZ-NEU-EX03.Arm.com
 (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1415.2; Thu, 1 Aug 2019
 08:44:16 +0000
Received: from E119924.Arm.com (10.1.199.124) by mail.arm.com (10.251.24.32)
 with Microsoft SMTP Server id 15.1.1415.2 via Frontend Transport; Thu, 1 Aug
 2019 08:44:15 +0000
From: "Krzysztof Koch" <krzysztof.koch@arm.com>
To: <devel@edk2.groups.io>
CC: <jaben.carsey@intel.com>, <ray.ni@intel.com>, <zhichao.gao@intel.com>,
	<Sami.Mujawar@arm.com>, <Matteo.Carlini@arm.com>, <nd@arm.com>
Subject: [PATCH v1 2/6] ShellPkg: acpiview: GTDT: Prevent buffer overruns
Date: Thu, 1 Aug 2019 09:44:03 +0100
Message-ID: <20190801084407.48712-3-krzysztof.koch@arm.com>
X-Mailer: git-send-email 2.16.2.windows.1
In-Reply-To: <20190801084407.48712-1-krzysztof.koch@arm.com>
References: <20190801084407.48712-1-krzysztof.koch@arm.com>
MIME-Version: 1.0
X-EOPAttributedMessage: 1
X-MS-Office365-Filtering-HT: Tenant
X-Forefront-Antispam-Report-Untrusted: 
 CIP:40.67.248.234;IPV:NLI;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(346002)(39860400002)(376002)(396003)(136003)(2980300002)(189003)(199004)(50226002)(47776003)(48376002)(70206006)(50466002)(70586007)(2616005)(446003)(305945005)(11346002)(186003)(126002)(476003)(478600001)(86362001)(2351001)(44832011)(486006)(53416004)(2906002)(81166006)(81156014)(6916009)(4326008)(426003)(336012)(8676002)(8936002)(68736007)(316002)(26005)(16586007)(5660300002)(53936002)(356004)(36756003)(6666004)(51416003)(7696005)(1076003)(76176011)(63350400001)(63370400001)(54906003);DIR:OUT;SFP:1101;SCL:1;SRVR:VI1PR0801MB1853;H:nebula.arm.com;FPR:;SPF:TempError;LANG:en;PTR:InfoDomainNonexistent;MX:1;A:1;
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 7fef9e59-c183-4a3e-fff8-08d7165c8318
X-Microsoft-Antispam-Untrusted: 
 BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328);SRVR:VI1PR0801MB1853;
X-MS-TrafficTypeDiagnostic: VI1PR0801MB1853:|AM6PR08MB4950:
X-Microsoft-Antispam-PRVS: 
	<AM6PR08MB4950813F6BFC55186FD4B26684DE0@AM6PR08MB4950.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;OLM:8882;
X-Forefront-PRVS: 01165471DB
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: 
 vLQFEGmoxx9YQMZ1hCW7KBPRbCdO5uCqsll15zUOdnRqJHYbP8N9osXX/+Y+XokT6eIcX4eAM2J+HEZTv/NpAE60u4arL1Io40IGpoany3PIT6DzyjgU40GIRLdvy3eIAI5k3bbNe6k0VeAVbo1xXJ5phkeUM/AZyLv9K1ywjLEMdQx9DonwYLGwviLh6yZ3e/KV+4OSn8UBVkaHRiOcmlttWN5FUHtBBzmyx3qeyk6DGWF9W5PHKRLssT/H7OF9IdSoQFtbSB7IJf830FD9EAwX2ynxari46wKy7LB2vaYOt9oxNYcg9lJNl2lOAW7A6IJGfiUv/oepYOvkWFOQ//BJUZ19JhNgdMhfrAcQqKyQOd9uv2LlVTHWXPsFzkgLDrm0vqJU7y8mQn9Xnr5G6B7uiK8GxbP6ebrP3755mi0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0801MB1853
Original-Authentication-Results: spf=temperror (sender IP is 40.67.248.234)
 smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=temperror action=none
 header.from=arm.com;
Return-Path: Krzysztof.Koch@arm.com
X-MS-Exchange-Transport-CrossTenantHeadersStripped: 
 DB5EUR03FT060.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: 
	CIP:63.35.35.123;IPV:CAL;SCL:-1;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(376002)(136003)(396003)(346002)(39860400002)(2980300002)(189003)(199004)(86362001)(8936002)(70586007)(6666004)(50466002)(6916009)(81156014)(81166006)(186003)(48376002)(1076003)(426003)(486006)(126002)(476003)(63350400001)(11346002)(44832011)(76130400001)(305945005)(8676002)(26005)(5660300002)(63370400001)(22756006)(47776003)(446003)(16586007)(51416003)(53416004)(70206006)(50226002)(36756003)(2616005)(54906003)(26826003)(478600001)(2351001)(336012)(316002)(7696005)(76176011)(4326008)(2906002);DIR:OUT;SFP:1101;SCL:1;SRVR:AM6PR08MB4950;H:64aa7808-outbound-1.mta.getcheckrecipient.com;FPR:;SPF:TempError;LANG:en;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;MX:1;A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 
	b0cdf8df-b995-49e9-5e86-08d7165c7cf4
X-Microsoft-Antispam: 
	BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(710020)(711020)(4605104)(1401327)(2017052603328);SRVR:AM6PR08MB4950;
NoDisclaimer: True
X-Forefront-PRVS: 01165471DB
X-Microsoft-Antispam-Message-Info: 
	cr15tMJXxgEodz7VcycaICc5Dq06pJftup1UTJZJ1PpwcW8+Zp2dyP1Pqu6esfetXDuR7JJMqtBJcKL0fC11gbWMKG28/+k/EOFu7g/+nTb+X2F5msqJ/CySxLVaiRYGutPurESvR/9ZK+AVD1w2gZgZYKdM7RCA0AAvLLzJbyzmxfec14vJruCIprXbZdiL6EJV6GQL/jtj3tGFjb//74LmuK6k8bawRftm8z1T2ZMQ6ny0m60AjIhIjh46p6QMNedXTWTFJzuFCmzyErUcVI0ppCsY8sUyTE7XClESTAXLEv/xznMofMdjYUVTQtXPeLEtzR8nKNmunm3QNaAlJoEared9qKSPkFBi8eixAD3TF90/hWB/DzPuabCYHQe9CXG/lVetchOdzt6PWpZIT3E/AYNNnQcuaRYfWGEBUYA=
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Aug 2019 08:44:48.7759
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 7fef9e59-c183-4a3e-fff8-08d7165c8318
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4950
Content-Type: text/plain

Modify the GTDT table parsing logic to prevent reading past the ACPI
buffer lengths provided and to make it consistent with other table
parsers. This includes converting the do-while loop in ParseAcpiGtdt()
into a while loop.

Remove a check which ensures that the entire Platform GT Block
Structure buffer has been parsed. The ACPI specification does not ban
from defining buffers which are larger than the size indicated by the
count and sizes of substructures which constitute it.

Change the data type of the Length parameter to the DumpGTBlock()
function to reflect the width of the respective ACPI structure's
field.

References:
- ACPI 6.3, January 2019, Table 5-124

Signed-off-by: Krzysztof Koch <krzysztof.koch@arm.com>
---

Notes:
    v1:
    - Prevent buffer overruns in GTDT acpiview parser [Krzysztof]

 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c | 147 ++++++++++----------
 1 file changed, 76 insertions(+), 71 deletions(-)

diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c
index 1e5b5764f50a2d29aa904c889bc89af5bdc3af5c..57174e14c80072f12b90e1996ebe8f0002d0c404 100644
--- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c
+++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c
@@ -23,7 +23,6 @@ STATIC CONST UINT8*  PlatformTimerType;
 STATIC CONST UINT16* PlatformTimerLength;
 STATIC CONST UINT32* GtBlockTimerCount;
 STATIC CONST UINT32* GtBlockTimerOffset;
-STATIC CONST UINT16* GtBlockLength;
 STATIC ACPI_DESCRIPTION_HEADER_INFO AcpiHdrInfo;
 
 /**
@@ -127,7 +126,7 @@ STATIC CONST ACPI_PARSER GtPlatformTimerHeaderParser[] = {
 **/
 STATIC CONST ACPI_PARSER GtBlockParser[] = {
   {L"Type", 1, 0, L"%d", NULL, NULL, NULL, NULL},
-  {L"Length", 2, 1, L"%d", NULL, (VOID**)&GtBlockLength, NULL, NULL},
+  {L"Length", 2, 1, L"%d", NULL, NULL, NULL, NULL},
   {L"Reserved", 1, 3, L"%x", NULL, NULL, NULL, NULL},
   {L"Physical address (CntCtlBase)", 8, 4, L"0x%lx", NULL, NULL, NULL, NULL},
   {L"Timer Count", 4, 12, L"%d", NULL, (VOID**)&GtBlockTimerCount,
@@ -168,56 +167,43 @@ STATIC CONST ACPI_PARSER SBSAGenericWatchdogParser[] = {
 /**
   This function parses the Platform GT Block.
 
-  @param [in] Ptr     Pointer to the start of the GT Block data.
-  @param [in] Length  Length of the GT Block structure.
+  @param [in] Ptr       Pointer to the start of the GT Block data.
+  @param [in] Length    Length of the GT Block structure.
 **/
 STATIC
 VOID
 DumpGTBlock (
   IN UINT8* Ptr,
-  IN UINT32 Length
+  IN UINT16 Length
   )
 {
   UINT32 Index;
   UINT32 Offset;
-  UINT32 GTBlockTimerLength;
 
-  Offset = ParseAcpi (
-             TRUE,
-             2,
-             "GT Block",
-             Ptr,
-             Length,
-             PARSER_PARAMS (GtBlockParser)
-             );
-  GTBlockTimerLength = (*GtBlockLength - Offset) / (*GtBlockTimerCount);
-  Length -= Offset;
+  ParseAcpi (
+    TRUE,
+    2,
+    "GT Block",
+    Ptr,
+    Length,
+    PARSER_PARAMS (GtBlockParser)
+    );
 
-  if (*GtBlockTimerCount != 0) {
-    Ptr += (*GtBlockTimerOffset);
-    Index = 0;
-    while ((Index < (*GtBlockTimerCount)) && (Length >= GTBlockTimerLength)) {
-      Offset = ParseAcpi (
-                 TRUE,
-                 2,
-                 "GT Block Timer",
-                 Ptr,
-                 GTBlockTimerLength,
-                 PARSER_PARAMS (GtBlockTimerParser)
-                 );
-      // Increment by GT Block Timer structure size
-      Ptr += Offset;
-      Length -= Offset;
-      Index++;
-    }
+  Offset = *GtBlockTimerOffset;
+  Index = 0;
 
-    if (Length != 0) {
-      IncrementErrorCount ();
-      Print (
-        L"ERROR:GT Block Timer length mismatch. Unparsed %d bytes.\n",
-        Length
-        );
-    }
+  // Parse the specified number of GT Block Timer Structures or the GT Block
+  // Structure buffer length. Whichever is minimum.
+  while ((Index++ < *GtBlockTimerCount) &&
+         (Offset < Length)) {
+    Offset += ParseAcpi (
+                TRUE,
+                2,
+                "GT Block Timer",
+                Ptr + Offset,
+                Length - Offset,
+                PARSER_PARAMS (GtBlockTimerParser)
+                );
   }
 }
 
@@ -270,6 +256,7 @@ ParseAcpiGtdt (
   )
 {
   UINT32 Index;
+  UINT32 Offset;
   UINT8* TimerPtr;
 
   if (!Trace) {
@@ -285,36 +272,54 @@ ParseAcpiGtdt (
     PARSER_PARAMS (GtdtParser)
     );
 
-  if (*GtdtPlatformTimerCount != 0) {
-    TimerPtr = Ptr + (*GtdtPlatformTimerOffset);
-    Index = 0;
-    do {
-      // Parse the Platform Timer Header
-      ParseAcpi (
-        FALSE,
-        0,
-        NULL,
-        TimerPtr,
-        4,  // GT Platform Timer structure header length.
-        PARSER_PARAMS (GtPlatformTimerHeaderParser)
+  TimerPtr = Ptr + *GtdtPlatformTimerOffset;
+  Offset = *GtdtPlatformTimerOffset;
+  Index = 0;
+
+  // Parse the specified number of Platform Timer Structures or the GTDT
+  // buffer length. Whichever is minimum.
+  while ((Index++ < *GtdtPlatformTimerCount) &&
+         (Offset < AcpiTableLength)) {
+    // Parse the Platform Timer Header to obtain Length and Type
+    ParseAcpi (
+      FALSE,
+      0,
+      NULL,
+      TimerPtr,
+      AcpiTableLength - Offset,
+      PARSER_PARAMS (GtPlatformTimerHeaderParser)
+      );
+
+    // Make sure the Platform Timer is inside the table.
+    if ((Offset + *PlatformTimerLength) > AcpiTableLength) {
+      IncrementErrorCount ();
+      Print (
+        L"ERROR: Invalid Platform Timer Structure length. " \
+          L"PlatformTimerLength = %d. RemainingTableBufferLength = %d. " \
+          L"GTDT parsing aborted.\n",
+        *PlatformTimerLength,
+        AcpiTableLength - Offset
         );
-      switch (*PlatformTimerType) {
-        case EFI_ACPI_6_2_GTDT_GT_BLOCK:
-          DumpGTBlock (TimerPtr, *PlatformTimerLength);
-          break;
-        case EFI_ACPI_6_2_GTDT_SBSA_GENERIC_WATCHDOG:
-          DumpWatchdogTimer (TimerPtr, *PlatformTimerLength);
-          break;
-        default:
-          IncrementErrorCount ();
-          Print (
-            L"ERROR: INVALID Platform Timer Type = %d\n",
-            *PlatformTimerType
-            );
-          break;
-      } // switch
-      TimerPtr += (*PlatformTimerLength);
-      Index++;
-    } while (Index < *GtdtPlatformTimerCount);
-  }
+      return;
+    }
+
+    switch (*PlatformTimerType) {
+      case EFI_ACPI_6_3_GTDT_GT_BLOCK:
+        DumpGTBlock (TimerPtr, *PlatformTimerLength);
+        break;
+      case EFI_ACPI_6_3_GTDT_SBSA_GENERIC_WATCHDOG:
+        DumpWatchdogTimer (TimerPtr, *PlatformTimerLength);
+        break;
+      default:
+        IncrementErrorCount ();
+        Print (
+          L"ERROR: Invalid Platform Timer Type = %d\n",
+          *PlatformTimerType
+          );
+        break;
+    } // switch
+
+    TimerPtr += *PlatformTimerLength;
+    Offset += *PlatformTimerLength;
+  } // while
 }
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'