Date: Thu, 7 Nov 2019 18:09:37 +0000
From: "Leif Lindholm"
To: Pete Batard
Cc: devel@edk2.groups.io, ard.biesheuvel@linaro.org, philmd@redhat.com
Subject: Re: [edk2-platforms][PATCH 1/1] Platform/RPi: Prevent buffer over-read when the command line is empty
Message-ID: <20191107180937.GX16820@bivouac.eciton.net>

On Thu, Nov 07, 2019 at 05:35:27PM +0000, Pete Batard wrote:
> On 2019.11.07 17:27, Leif Lindholm wrote:
> > On Thu, Nov 07, 2019 at 05:05:20PM +0000, Pete Batard wrote:
> > > Hi Leif,
> > >
> > > On 2019.11.07 16:21, Leif Lindholm wrote:
> > > > Patch looks good, but the term "command line" is a bit confusing.
> > > >
> > > > I assume we're talking about whatever way parameters are passed from
> > > > pre-edk2 firmware to edk2, right?
> > >
> > > Yes. This is basically what the Raspberry Pi VideoCore bootcode digests and
> > > passes as boot arguments to the ARM boot loader (i.e. our TF-A + EFI
> > > firmware executable). It contains options that the user may have set in
> > > their 'config.txt' as well as other data.
> >
> > Sure.
> >
> > > > Is there a more precise term for this?
> > >
> > > Would "boot arguments" or "external boot arguments" work for you? Or if you
> > > prefer "(external) boot parameters" should be applicable too.
> >
> > Either would be fine - I was just hoping there might be a recognized
> > standard name for them :)
>
> Well, as far as I know, the recognized standard name is "commandline" as per
> https://www.raspberrypi.org/documentation/configuration/config-txt/boot.md
>
> For instance there exists an option called disable_commandline_tags which
> pertains to what we are talking about.

Right. I meant something non-context-dependent.
Nevermind :) > > So, I could update the subject line to > > Platform/RPi: Prevent external boot arguments over-read > > in order to keep it short, and change "command line" in the commit > > message body to "external boot arguments" - does that work for you? > > If you can do that, that's great. Thanks! Done. And with that: Reviewed-by: Leif Lindholm Pushed as 92f06ccddfcf. Thanks! / Leif > /Pete > > > > > Regards, > > > > Leif > > > > > Regards, > > > > > > /Pete > > > > > > > > > > > / > > > > Leif > > > > > > > > On Mon, Nov 04, 2019 at 04:06:17PM +0000, Pete Batard wrote: > > > > > From: Andrei Warkentin > > > > > > > > > > It is possible for the command line to be empty > > > > > (Cmd->TagHead.TagValueSize = 0), in which case the code should not > > > > > attempt to read the value at CommandLine[-1]. > > > > > > > > > > Signed-off-by: Pete Batard > > > > > --- > > > > > Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c | 3 ++- > > > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > > > > > diff --git a/Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c b/Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c > > > > > index 5a9d4c3f1787..9b4aa068857c 100644 > > > > > --- a/Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c > > > > > +++ b/Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c > > > > > @@ -927,7 +927,8 @@ RpiFirmwareGetCommmandLine ( > > > > > CopyMem (CommandLine, Cmd->CommandLine, Cmd->TagHead.TagValueSize); > > > > > - if (CommandLine[Cmd->TagHead.TagValueSize - 1] != '\0') { > > > > > + if (Cmd->TagHead.TagValueSize == 0 || > > > > > + CommandLine[Cmd->TagHead.TagValueSize - 1] != '\0') { > > > > > // > > > > > // Add a NUL terminator if required. > > > > > // > > > > > -- > > > > > 2.21.0.windows.1 > > > > > > > > >
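Review bot: The zero-length guard fixes the index underflow in the condition, but the CopyMem call directly above it still takes Cmd->TagHead.TagValueSize as the copy length, and nothing visible in this hunk bounds that value against the size of the destination CommandLine buffer, including the one extra byte needed for the NUL that the branch adds. Since the length comes from the firmware response, please confirm that an upper-bound check exists earlier in the function, or add one before the copy. Minor: the function name in the hunk header is spelled with three m's (RpiFirmwareGetCommmandLine), which is worth a follow-up rename.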