From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=pass header.i=@armh.onmicrosoft.com header.s=selector2-armh-onmicrosoft-com header.b=x7Vqrq0d; spf=pass (domain: arm.com, ip: 40.107.15.81, mailfrom: krzysztof.koch@arm.com) Received: from EUR01-DB5-obe.outbound.protection.outlook.com (EUR01-DB5-obe.outbound.protection.outlook.com [40.107.15.81]) by groups.io with SMTP; Thu, 15 Aug 2019 06:13:09 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bHX7GHe/SdQGVmo99dU8M1GGCiCmG+k/3yaXEwSzzl8=; b=x7Vqrq0dfTI78revySklmMHXIud01I914nzYx5Cjjj6KabicRtCciEeSv7hxJIL7QL4/AIdWIVPBn91iA/1+TJvQvJ/yt+BCjl0DOXlmqMg0Go55WtVJPiMzGSC+nwzAMd/JZsU7uIAnyGrLL0CVSl68iqFmjiRWTG0oeH5dQlA= Received: from VI1PR08CA0167.eurprd08.prod.outlook.com (2603:10a6:800:d1::21) by HE1PR0802MB2601.eurprd08.prod.outlook.com (2603:10a6:3:d8::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2178.16; Thu, 15 Aug 2019 13:13:04 +0000 Received: from DB5EUR03FT020.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::206) by VI1PR08CA0167.outlook.office365.com (2603:10a6:800:d1::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2157.16 via Frontend Transport; Thu, 15 Aug 2019 13:13:04 +0000 Authentication-Results: spf=temperror (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; edk2.groups.io; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;edk2.groups.io; dmarc=temperror action=none header.from=arm.com; Received-SPF: TempError (protection.outlook.com: error in processing during lookup of arm.com: DNS Timeout) Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT020.mail.protection.outlook.com (10.152.20.134) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2178.16 via Frontend Transport; Thu, 15 Aug 2019 13:13:03 +0000 Received: ("Tessian outbound 40a263b748b4:v26"); Thu, 15 Aug 2019 13:13:03 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 400698d2cdefa8eb X-CR-MTA-TID: 64aa7808 Received: from 8ec41b02b547.1 (cr-mta-lb-1.cr-mta-net [104.47.9.54]) by 64aa7808-outbound-1.mta.getcheckrecipient.com id BB180F35-9BB1-42FE-8792-5512C76E62A2.1; Thu, 15 Aug 2019 13:12:58 +0000 Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-ve1eur03lp2054.outbound.protection.outlook.com [104.47.9.54]) by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 8ec41b02b547.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384); Thu, 15 Aug 2019 13:12:58 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XaSFd4fM6ledVegxbMBs/c1pAOvXUluIlX7xfk3Peh0EjQXcbSgfYjEx31fHhovKVkDPwZwx0l3qk7AInpD1bOurjSwaIVosdQj3GeCnW4OlZDe7n4P/x+OX1i24Q8ufJmSoWxhA2cc3OHlCC2V29NKtIub142MnRmQ+/zvKdEsO/W/qhbj71MoujS4lxN5e6v9U4ayAZEzWULPCEZoPYBx1bcfL2g+H6lbhNIDg/O560dIdAs+lGg+UYosVrencAPE9TMOYqJCF73fPTNwOMrz5p/CBcsrNq7yrr4KfCjPFU+Cz1gwV2NxihQ5RPfz9mYGf9y9fn5JLGURF8PKthQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bHX7GHe/SdQGVmo99dU8M1GGCiCmG+k/3yaXEwSzzl8=; b=O3gTE/iNrkPr0/FBmo0D+rstua5IBv0co8HMk8ASHj3HtqWkpQWHgH62iUkmqqSYyssW7G4j8re0sQyag0xwQzIO7RtNQF2H4yNwpl9daMxErY4rydc31nBAS1ZY8zJD46NBR/LOAmuWmdI9ReBmrk3eMdyxleOyBnm37MpIAqJRyCheb+1G9NNdBwHsDt2EavWWGniSxTKnQCrFpuXJJqsJdDHpUiIv+yxZkbYNB+zBOpCh8QeDBRXrRF/b5GY64JSeVsyFs0UpT8rJXrLiSDINrXLKN8lvrKwVskUnXuISGTdnH6DDlh0MJpBMsCamPwrl3JIAT8Pep0BKyRBnRg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=temperror (sender ip is 40.67.248.234) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=arm.com; dmarc=temperror action=none header.from=arm.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bHX7GHe/SdQGVmo99dU8M1GGCiCmG+k/3yaXEwSzzl8=; b=x7Vqrq0dfTI78revySklmMHXIud01I914nzYx5Cjjj6KabicRtCciEeSv7hxJIL7QL4/AIdWIVPBn91iA/1+TJvQvJ/yt+BCjl0DOXlmqMg0Go55WtVJPiMzGSC+nwzAMd/JZsU7uIAnyGrLL0CVSl68iqFmjiRWTG0oeH5dQlA= Received: from VI1PR0802CA0016.eurprd08.prod.outlook.com (2603:10a6:800:aa::26) by VI1PR0801MB1855.eurprd08.prod.outlook.com (2603:10a6:800:59::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2157.15; Thu, 15 Aug 2019 13:12:55 +0000 Received: from DB5EUR03FT050.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::203) by VI1PR0802CA0016.outlook.office365.com (2603:10a6:800:aa::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2178.16 via Frontend Transport; Thu, 15 Aug 2019 13:12:55 +0000 Authentication-Results-Original: spf=temperror (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=temperror action=none header.from=arm.com; Received-SPF: TempError (protection.outlook.com: error in processing during lookup of arm.com: DNS Timeout) Received: from nebula.arm.com (40.67.248.234) by DB5EUR03FT050.mail.protection.outlook.com (10.152.21.128) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.20.2178.16 via Frontend Transport; Thu, 15 Aug 2019 13:12:54 +0000 Received: from AZ-NEU-EX01.Emea.Arm.com (10.251.26.4) by AZ-NEU-EX04.Arm.com (10.251.24.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1415.2; Thu, 15 Aug 2019 13:11:38 +0000 Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by AZ-NEU-EX01.Emea.Arm.com (10.251.26.4) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1415.2; Thu, 15 Aug 2019 13:11:37 +0000 Received: from E119924.Arm.com (10.1.199.124) by mail.arm.com (10.251.24.32) with Microsoft SMTP Server id 15.1.1415.2 via Frontend Transport; Thu, 15 Aug 2019 13:11:37 +0000 From: "Krzysztof Koch" To: CC: , , , , , Subject: [PATCH v1 11/11] ShellPkg: acpiview: DBG2: Validate global pointers before use Date: Thu, 15 Aug 2019 14:11:21 +0100 Message-ID: <20190815131121.52644-12-krzysztof.koch@arm.com> X-Mailer: git-send-email 2.16.2.windows.1 In-Reply-To: <20190815131121.52644-1-krzysztof.koch@arm.com> References: <20190815131121.52644-1-krzysztof.koch@arm.com> MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;IPV:NLI;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(39860400002)(346002)(396003)(376002)(136003)(2980300002)(199004)(189003)(53416004)(81156014)(44832011)(36756003)(336012)(2351001)(48376002)(2906002)(63370400001)(5660300002)(426003)(486006)(2616005)(6916009)(63350400001)(126002)(1076003)(50226002)(8936002)(70586007)(446003)(15650500001)(11346002)(70206006)(476003)(81166006)(305945005)(16586007)(6666004)(316002)(50466002)(8676002)(4326008)(26005)(54906003)(7696005)(47776003)(356004)(186003)(53936002)(478600001)(86362001)(76176011)(51416003);DIR:OUT;SFP:1101;SCL:1;SRVR:VI1PR0801MB1855;H:nebula.arm.com;FPR:;SPF:TempError;LANG:en;PTR:InfoDomainNonexistent;A:1;MX:1; X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 67c94a5a-e22e-4c2b-30d3-08d721824e1c X-Microsoft-Antispam-Untrusted: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328);SRVR:VI1PR0801MB1855; X-MS-TrafficTypeDiagnostic: VI1PR0801MB1855:|HE1PR0802MB2601: X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true X-MS-Oob-TLC-OOBClassifiers: OLM:3383;OLM:3383; X-Forefront-PRVS: 01304918F3 X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info-Original: F3OLmqDGQDJqFXKKT/dE+fXL6SPP+d0feIt1dKb3SGX0QyZqvENtf6cyd5OtmweP/9TXccAiTpGZeX6vOv8UzE5EhT8AedsGKE3k032PSj7USfeS4rruXwxY07DCr8iZgQU9sBS94rofjqJ4aSxFsW5PMHQ3550+9wtcO2PoO3vhq96Y01+i7HvdzwGR+egwzrRh1Ju6LZn5twN5fIhOcFkr6GLjObVM5fCwwsDhIvhGJ36vpBYOjcTaZNP0reWzCzLBlOvoEU9rKb6ppvM5mYfPQZpoQlPeLOS9hea2B9wXblITdNT8fqx5hHVv3T6lDydzf91Od0zcFVOKMDychS4DtIxUZ7ZT8+GvzWm+pOol9l0lXx54Kk9K4N+2hheCwnG0PrflB3e0/BTjqOjHJujGlyURMZTc4p3rbSmC9M4= X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0801MB1855 Original-Authentication-Results: spf=temperror (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=temperror action=none header.from=arm.com; Return-Path: Krzysztof.Koch@arm.com X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT020.eop-EUR03.prod.protection.outlook.com X-Forefront-Antispam-Report: CIP:63.35.35.123;IPV:CAL;SCL:-1;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(396003)(376002)(346002)(39860400002)(136003)(2980300002)(189003)(199004)(63370400001)(51416003)(8676002)(81166006)(81156014)(305945005)(44832011)(76176011)(7696005)(8936002)(76130400001)(50226002)(47776003)(70586007)(70206006)(26005)(186003)(16586007)(316002)(11346002)(446003)(63350400001)(478600001)(426003)(336012)(54906003)(26826003)(2616005)(476003)(126002)(486006)(5660300002)(2351001)(6666004)(1076003)(2906002)(86362001)(53416004)(36756003)(48376002)(6916009)(50466002)(15650500001)(4326008)(22756006);DIR:OUT;SFP:1101;SCL:1;SRVR:HE1PR0802MB2601;H:64aa7808-outbound-1.mta.getcheckrecipient.com;FPR:;SPF:TempError;LANG:en;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;MX:1;A:1; X-MS-Office365-Filtering-Correlation-Id-Prvs: aaf19ab3-535f-41d1-8835-08d72182489d X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(710020)(711020)(4605104)(1401327)(2017052603328);SRVR:HE1PR0802MB2601; NoDisclaimer: True X-Forefront-PRVS: 01304918F3 X-Microsoft-Antispam-Message-Info: EVacEqgz39EtwxH3fdBfFapqmBdN9SGH6K/Z40CWkQu2dKcBszsHBc9Am2+ctE+oOtcFebT7pnICHiCHBvInjNS/x9Yj089cuf0+gT0JVrwyzgq9q8YNYw4M4XhpXJv+uY4ZqwUu/X8s82g70/MKUl5bF4dBf0USffCfEFyQ35UxeOqslUmx0FCc9IGKsAUfev78/P3379MuLauzA8yF3nVpG3alKrAebC+PN2yYtqDiiWCXhbTf2t7Cmt8ZYD0krtuIHlhO24httzlBN1XPDfC+nj6Uw3hl/SVgl0wMx877eIFk7fdg11eFEGsC19DQNn9Dke9eD21Ox/+8mATo8JaioJXvW8fdWxxiuEtpqKTO0j/XVgMNy7rosymEx5fjPNZSFi1aSXWyNk/tgaeimlRUujQGR3poercNzxdnRuI= X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Aug 2019 13:13:03.5569 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 67c94a5a-e22e-4c2b-30d3-08d721824e1c X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0802MB2601 Content-Type: text/plain Check if global (in the scope of the DBG2 parser) pointers have been successfully updated before they are used for further table parsing. Signed-off-by: Krzysztof Koch --- Notes: v1: - Test against NULL pointers [Krzysztof] ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c | 43 ++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c index 869e700b9beda4886bf7bc5ae4ced3ab9a59efa3..0f730a306a94329a23fbaf54b59f1833b44616ba 100644 --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c @@ -123,6 +123,24 @@ DumpDbgDeviceInfo ( PARSER_PARAMS (DbgDevInfoParser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if ((GasCount == NULL) || + (NameSpaceStringLength == NULL) || + (NameSpaceStringOffset == NULL) || + (OEMDataLength == NULL) || + (OEMDataOffset == NULL) || + (BaseAddrRegOffset == NULL) || + (AddrSizeOffset == NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient Debug Device Information Structure length. " \ + L"Length = %d.\n", + Length + ); + return; + } + // GAS Index = 0; Offset = *BaseAddrRegOffset; @@ -224,6 +242,18 @@ ParseAcpiDbg2 ( PARSER_PARAMS (Dbg2Parser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if ((OffsetDbgDeviceInfo == NULL) || + (NumberDbgDeviceInfo == NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient table length. AcpiTableLength = %d\n", + AcpiTableLength + ); + return; + } + Offset = *OffsetDbgDeviceInfo; Index = 0; @@ -239,6 +269,19 @@ ParseAcpiDbg2 ( PARSER_PARAMS (DbgDevInfoHeaderParser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if (DbgDevInfoLen == NULL) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient remaining table buffer length to read the " \ + L"Debug Device Information structure's 'Length' field. " \ + L"RemainingTableBufferLength = %d.\n", + AcpiTableLength - Offset + ); + return; + } + // Make sure the Debug Device Information structure lies inside the table. if ((Offset + *DbgDevInfoLen) > AcpiTableLength) { IncrementErrorCount (); -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'