From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from EUR01-DB5-obe.outbound.protection.outlook.com (EUR01-DB5-obe.outbound.protection.outlook.com [40.107.15.49]) by mx.groups.io with SMTP id smtpd.web11.9085.1579518878030162615 for ; Mon, 20 Jan 2020 03:14:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@armh.onmicrosoft.com header.s=selector2-armh-onmicrosoft-com header.b=QethIXUf; spf=pass (domain: arm.com, ip: 40.107.15.49, mailfrom: krzysztof.koch@arm.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/FTqhOtiLfiZRClWBp0QTNU+yFX9jsMdLXV2T6oDsBg=; b=QethIXUfZYSeIO2//AIQm5dfYkV+d1+SVghnxCVrWhHp15M9hVAd2Ezp6hq+dzaL8S9cwWLKPLhkIIORCJ6THVtIyDvtEmAyAFUf+eM/CtihLvmrqwXspV6qG0dui/3EkXKRz4FRbW6JUT46qvl0lMOgjUOCTtpH693qWz77m5s= Received: from DB6PR0801CA0058.eurprd08.prod.outlook.com (2603:10a6:4:2b::26) by DB6PR0802MB2534.eurprd08.prod.outlook.com (2603:10a6:4:97::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20; Mon, 20 Jan 2020 11:14:35 +0000 Received: from AM5EUR03FT006.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e08::203) by DB6PR0801CA0058.outlook.office365.com (2603:10a6:4:2b::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.18 via Frontend Transport; Mon, 20 Jan 2020 11:14:35 +0000 Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; edk2.groups.io; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;edk2.groups.io; dmarc=bestguesspass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM5EUR03FT006.mail.protection.outlook.com (10.152.16.122) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.23 via Frontend Transport; Mon, 20 Jan 2020 11:14:35 +0000 Received: ("Tessian outbound ca1df68f3668:v40"); Mon, 20 Jan 2020 11:14:35 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 1fa2a57134a8f528 X-CR-MTA-TID: 64aa7808 Received: from b64afe7d4b3f.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 31A6E7F0-9865-4474-8BE9-97D77CA34261.1; Mon, 20 Jan 2020 11:14:29 +0000 Received: from EUR01-VE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id b64afe7d4b3f.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 20 Jan 2020 11:14:29 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AMoh67ZJ1+j74kJxwJOuiw1PJOE4BvDmYxJ+EGLEUn4qfUr62hRn9v7JMwu6b2udV4vc/w94bLlEYUP+UEDdgdqSqHQLj0dhnQJi9PsvG/GY5fRCfxY4iDgS7JWiyt0vzMFCsjM+QDG6l0lRWxgCCtGT/TEbuaGCIpdDbJb2Rir619xC8FxMa+Ryrj8wTpl4hzv/N5fmT/wf9EOLIUb4Z9xG5H5Mn/imd3iSSAl6bHDT/eDkw9CtpdbgB5DTP9MHhMzXIgIqoOYGi0C9i5RpHRaIv5R/iLzLBiAbyYbM6eH4cyvQk83uXdTmM7uMjJp2bAwU0s1mI78IKYeZOGS9QQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/FTqhOtiLfiZRClWBp0QTNU+yFX9jsMdLXV2T6oDsBg=; b=aJeAXyYYIHamSzdlimbKpIplyx3kXZmdelv6i+iDQleO8+INjHvw5DYleQNcIecPIr8bQeTl1XOUxjPwxHsxNabc9dK6ybsp4UrMJzZ6/pZFWatzsvCeLELvsSRBNDt07PtfBEBQoRHgLIliC9XAx5UPWsZUr9mktejtqDC6mHhQ5zDqzPiz8qxxNjlttDrOw3OgqakkwGyf0Yk2g8Qefqu/MqYpLR8wnqQeZX+JtFbyCsYMysjDYQQuwHG3PI09b6WHOQTfinbbnPse5/3FUSiRYi4xwNRK0cxzA/Bcrvqh78hXDsrGvGS+Efr7J6Jt2RfKUNdWxnyUptwdame3Cg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=arm.com; dmarc=bestguesspass action=none header.from=arm.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/FTqhOtiLfiZRClWBp0QTNU+yFX9jsMdLXV2T6oDsBg=; b=QethIXUfZYSeIO2//AIQm5dfYkV+d1+SVghnxCVrWhHp15M9hVAd2Ezp6hq+dzaL8S9cwWLKPLhkIIORCJ6THVtIyDvtEmAyAFUf+eM/CtihLvmrqwXspV6qG0dui/3EkXKRz4FRbW6JUT46qvl0lMOgjUOCTtpH693qWz77m5s= Received: from VI1PR08CA0238.eurprd08.prod.outlook.com (2603:10a6:802:15::47) by AM6PR08MB4723.eurprd08.prod.outlook.com (2603:10a6:20b:c8::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.19; Mon, 20 Jan 2020 11:14:28 +0000 Received: from AM5EUR03FT028.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e08::202) by VI1PR08CA0238.outlook.office365.com (2603:10a6:802:15::47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.19 via Frontend Transport; Mon, 20 Jan 2020 11:14:28 +0000 Authentication-Results-Original: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=bestguesspass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; Received: from nebula.arm.com (40.67.248.234) by AM5EUR03FT028.mail.protection.outlook.com (10.152.16.118) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.2644.23 via Frontend Transport; Mon, 20 Jan 2020 11:14:27 +0000 Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by AZ-NEU-EX03.Arm.com (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1415.2; Mon, 20 Jan 2020 11:14:08 +0000 Received: from E119924.Arm.com (10.37.9.56) by mail.arm.com (10.251.24.32) with Microsoft SMTP Server id 15.1.1415.2 via Frontend Transport; Mon, 20 Jan 2020 11:14:08 +0000 From: "Krzysztof Koch" To: CC: , , , , Subject: [PATCH v3 10/11] ShellPkg: acpiview: GTDT: Validate global pointers before use Date: Mon, 20 Jan 2020 11:13:50 +0000 Message-ID: <20200120111351.29184-11-krzysztof.koch@arm.com> X-Mailer: git-send-email 2.16.2.windows.1 In-Reply-To: <20200120111351.29184-1-krzysztof.koch@arm.com> References: <20200120111351.29184-1-krzysztof.koch@arm.com> MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;IPV:;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(376002)(136003)(346002)(396003)(39860400002)(199004)(189003)(6666004)(356004)(7696005)(15650500001)(44832011)(86362001)(4326008)(5660300002)(186003)(70206006)(70586007)(6916009)(316002)(26005)(36756003)(2616005)(8676002)(81156014)(8936002)(81166006)(54906003)(478600001)(2906002)(1076003)(426003)(336012);DIR:OUT;SFP:1101;SCL:1;SRVR:AM6PR08MB4723;H:nebula.arm.com;FPR:;SPF:Pass;LANG:en;PTR:InfoDomainNonexistent;A:1;MX:1; X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f6eaec7b-ef06-4562-d6b3-08d79d99ee89 X-MS-TrafficTypeDiagnostic: AM6PR08MB4723:|DB6PR0802MB2534: X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true NoDisclaimer: True X-MS-Oob-TLC-OOBClassifiers: OLM:6430;OLM:6430; X-Forefront-PRVS: 0288CD37D9 X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: blMiSYVkpAiQTqJjT0KZM4E/isnFTIG+feD4thsChL/T90012bmefxQn80G2SUvhlFO+MZpFEXfnWFJ6o2vGYSG9QySHtMsBRhAR8Fr4dge65YgHcp4apA3PvlTgUFLGWGYYpyQvhPL8UTW6yvyVZ+ZOM4NCA/ppYygPHwD6qkIdlLgDSgy9DQUA9An2DaSIeBZRkLtmbz9z2RrNrMrpxSW8GM2OkjnDO62p64jgo527EztuMNd/qNDRlV8LsfRX399VwmUU/cFCUBRhghG/6zr4MaydnOUBtfJi0XctBqg5kCPC+KU7Yox2TSusEL711NwI8+0Zlkp6aGKvhtXZge1dJPEby9EDL7IhcW50LSACtL8jM9HpT6JgCjZz/qqUEa0nAEFEInoISR8kePTlspiMZ98JCQu5+rjDB7oL8H2SZxd+cKLXdyHWdPlbvO4V X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4723 Original-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=bestguesspass action=none header.from=arm.com; Return-Path: Krzysztof.Koch@arm.com X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT006.eop-EUR03.prod.protection.outlook.com X-Forefront-Antispam-Report: CIP:63.35.35.123;IPV:CAL;SCL:-1;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(136003)(39860400002)(396003)(346002)(376002)(199004)(189003)(81166006)(36756003)(2906002)(70206006)(70586007)(15650500001)(5660300002)(86362001)(6666004)(81156014)(8936002)(44832011)(36906005)(426003)(2616005)(54906003)(336012)(316002)(7696005)(1076003)(8676002)(186003)(4326008)(26005)(26826003)(478600001)(6916009);DIR:OUT;SFP:1101;SCL:1;SRVR:DB6PR0802MB2534;H:64aa7808-outbound-1.mta.getcheckrecipient.com;FPR:;SPF:Pass;LANG:en;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;A:1;MX:1; X-MS-Office365-Filtering-Correlation-Id-Prvs: 0078fe86-197a-4784-4085-08d79d99e9d7 X-Forefront-PRVS: 0288CD37D9 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: sIOcddS5oH3mE4MT+xqLiceBwiMr+69h2RozzHBy9XdGjRbZz4H6drco+0+azO71L8pfwqP/9zZl5aPy5r2/ByTfYy5YkJtUHsmf+GLVS+Qiwooo+REQ+ej73VkcIU5LzfZHxmH+00PsNCuObX2KlM3s18f9QrxtyXMmOkyLSA3D+G/bZb+cyzXOGmGwXC0+sY+TsCcUHk8DcNNar3b3oqXWHoM+POceH8rGay7l6bgzQt8IRkpnXhh/kurLFtwP59fgp1WJQWZ4bVzsbqtatJ3aNJ2lINTXVgqvrXpDevo3prssCzFMhLUHStcL2qpn0J3XC79djKvcy78lWalkyuYKowe2RSccHuFWeXlFxKzlt7KRm7zOU42WIuZHA/EdN3DdEAkl9+xd2zMxMYttCNoJdvlNStAsLRiAb8eUxyuqhizPpkog3bDgOJ3V3KwQ X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jan 2020 11:14:35.3141 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f6eaec7b-ef06-4562-d6b3-08d79d99ee89 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0802MB2534 Content-Type: text/plain Check if global (in the scope of the GTDT parser) pointers have been successfully updated before they are used for further table parsing. Signed-off-by: Krzysztof Koch --- Notes: v3: - Rebase on latest master [Krzysztof] v1: - Test against NULL pointers [Krzysztof] ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c | 37 ++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c index 57174e14c80072f12b90e1996ebe8f0002d0c404..699a55b549ec3fa61bbd156898821055dc019199 100644 --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c @@ -189,6 +189,18 @@ DumpGTBlock ( PARSER_PARAMS (GtBlockParser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if ((GtBlockTimerCount == NULL) || + (GtBlockTimerOffset == NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient GT Block Structure length. Length = %d.\n", + Length + ); + return; + } + Offset = *GtBlockTimerOffset; Index = 0; @@ -272,6 +284,18 @@ ParseAcpiGtdt ( PARSER_PARAMS (GtdtParser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if ((GtdtPlatformTimerCount == NULL) || + (GtdtPlatformTimerOffset == NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient table length. AcpiTableLength = %d.\n", + AcpiTableLength + ); + return; + } + TimerPtr = Ptr + *GtdtPlatformTimerOffset; Offset = *GtdtPlatformTimerOffset; Index = 0; @@ -290,6 +314,19 @@ ParseAcpiGtdt ( PARSER_PARAMS (GtPlatformTimerHeaderParser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if ((PlatformTimerType == NULL) || + (PlatformTimerLength == NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient remaining table buffer length to read the " \ + L"Platform Timer Structure header. Length = %d.\n", + AcpiTableLength - Offset + ); + return; + } + // Make sure the Platform Timer is inside the table. if ((Offset + *PlatformTimerLength) > AcpiTableLength) { IncrementErrorCount (); -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'