From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from EUR04-HE1-obe.outbound.protection.outlook.com (EUR04-HE1-obe.outbound.protection.outlook.com [40.107.7.71]) by mx.groups.io with SMTP id smtpd.web10.9240.1579518880700285004 for ; Mon, 20 Jan 2020 03:14:41 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@armh.onmicrosoft.com header.s=selector2-armh-onmicrosoft-com header.b=PulX12So; spf=pass (domain: arm.com, ip: 40.107.7.71, mailfrom: krzysztof.koch@arm.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MnXt5eEHoGvExUMRqitUn405zehOqKOYzBZTItrVows=; b=PulX12SoG34scwMDy+vZaU8vxtS2ticG4VD92i7tJGom16kweMR49ld+R2HzW2rPGmoDhf4p8YQ8SjTV82taoWokV1PBIMetbFfkxpPMKkua3VZKxwnqO+gRRQlKcRzL3Rj6zGhwMsKu23JfT4pdV+W9kQgcL4KumTMQw8Fe6iA= Received: from VI1PR08CA0158.eurprd08.prod.outlook.com (2603:10a6:800:d1::12) by AM0PR08MB4612.eurprd08.prod.outlook.com (2603:10a6:208:105::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.24; Mon, 20 Jan 2020 11:14:37 +0000 Received: from AM5EUR03FT029.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e08::206) by VI1PR08CA0158.outlook.office365.com (2603:10a6:800:d1::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.18 via Frontend Transport; Mon, 20 Jan 2020 11:14:37 +0000 Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; edk2.groups.io; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;edk2.groups.io; dmarc=bestguesspass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM5EUR03FT029.mail.protection.outlook.com (10.152.16.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.23 via Frontend Transport; Mon, 20 Jan 2020 11:14:36 +0000 Received: ("Tessian outbound 1da651c29646:v40"); Mon, 20 Jan 2020 11:14:36 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 4467f73f2ee61145 X-CR-MTA-TID: 64aa7808 Received: from 465b9a6ec0a5.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id AB21292A-D86A-4930-8CA7-41FCE617E43E.1; Mon, 20 Jan 2020 11:14:31 +0000 Received: from EUR05-AM6-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 465b9a6ec0a5.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 20 Jan 2020 11:14:31 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JIc3JxDwqmF4zseRJVZuNZlnVYhqowEM3LMYNc27GgBypv491NZcYjOhJrknFVOnm1t7vmClS2QlWQSuwwbrxlsm5nZH3UCaesG2hFckoMTzfRzAE3NlYjpMYq+PPh/Iis4IfzkIMAMMratE62uf4u+wtjqjpfFfP8DeSc/NxVnTTZmei59orAac4w15PTS9YD4tlYP31kfiwd61xkx7Vjs4W0R7e2+7VqlrUdv8+wr5GoRR3ZvSpU4Ng8/Q52OzvdLWYtd0hxyHN3luTIIf1EY5jfRfklpL0SkrJ/BqSFlC2y/JFS+8BcWvYgvNEBG7xf+LMafct/mHrn4HSKgvnA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MnXt5eEHoGvExUMRqitUn405zehOqKOYzBZTItrVows=; b=kKqtShS9rh95yzDoXFo4azAM7MzUuuFw1u/1zMD6vn+lUEK7qpBeKL0wWmDb54jnELT64Jf8tW6gVIYVt9ac+kzPEMZFY3q75w5RzXZdC7MUmIPDmV7vZLiIcGZzzfq+ZzOiVNFqyU7ZoOOqL8uGDDhLZqcM6fZtwKkV0zO8y2wTS9oNw5/pMooTST1zzcbkXC2TMY+4enyKW8EaTHtq7+3j1JlkKoBTtfAMJI/czZ9Xet9NycgZxCJVFuB+Cr5+dZe/RN9Y+dY5p6G8wKC8jVnJFQP70R+fkOmzvnJcaEdQzYyI28+oYBlosOb357UHDhAC/ESYTcLiMjvU4u2s3w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=arm.com; dmarc=bestguesspass action=none header.from=arm.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MnXt5eEHoGvExUMRqitUn405zehOqKOYzBZTItrVows=; b=PulX12SoG34scwMDy+vZaU8vxtS2ticG4VD92i7tJGom16kweMR49ld+R2HzW2rPGmoDhf4p8YQ8SjTV82taoWokV1PBIMetbFfkxpPMKkua3VZKxwnqO+gRRQlKcRzL3Rj6zGhwMsKu23JfT4pdV+W9kQgcL4KumTMQw8Fe6iA= Received: from VI1PR08CA0212.eurprd08.prod.outlook.com (2603:10a6:802:15::21) by VI1PR08MB3791.eurprd08.prod.outlook.com (2603:10a6:803:c0::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.19; Mon, 20 Jan 2020 11:14:30 +0000 Received: from AM5EUR03FT028.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e08::209) by VI1PR08CA0212.outlook.office365.com (2603:10a6:802:15::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20 via Frontend Transport; Mon, 20 Jan 2020 11:14:30 +0000 Authentication-Results-Original: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=bestguesspass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; Received: from nebula.arm.com (40.67.248.234) by AM5EUR03FT028.mail.protection.outlook.com (10.152.16.118) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.2644.23 via Frontend Transport; Mon, 20 Jan 2020 11:14:29 +0000 Received: from AZ-NEU-EX01.Emea.Arm.com (10.251.26.4) by AZ-NEU-EX03.Arm.com (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1415.2; Mon, 20 Jan 2020 11:14:09 +0000 Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by AZ-NEU-EX01.Emea.Arm.com (10.251.26.4) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1779.2; Mon, 20 Jan 2020 11:14:09 +0000 Received: from E119924.Arm.com (10.37.9.56) by mail.arm.com (10.251.24.32) with Microsoft SMTP Server id 15.1.1415.2 via Frontend Transport; Mon, 20 Jan 2020 11:14:09 +0000 From: "Krzysztof Koch" To: CC: , , , , Subject: [PATCH v3 11/11] ShellPkg: acpiview: DBG2: Validate global pointers before use Date: Mon, 20 Jan 2020 11:13:51 +0000 Message-ID: <20200120111351.29184-12-krzysztof.koch@arm.com> X-Mailer: git-send-email 2.16.2.windows.1 In-Reply-To: <20200120111351.29184-1-krzysztof.koch@arm.com> References: <20200120111351.29184-1-krzysztof.koch@arm.com> MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;IPV:;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(39860400002)(136003)(376002)(396003)(346002)(199004)(189003)(478600001)(54906003)(4326008)(8676002)(81166006)(186003)(81156014)(1076003)(8936002)(15650500001)(2616005)(316002)(26005)(2906002)(336012)(7696005)(426003)(70586007)(70206006)(86362001)(356004)(6666004)(44832011)(6916009)(36756003)(5660300002);DIR:OUT;SFP:1101;SCL:1;SRVR:VI1PR08MB3791;H:nebula.arm.com;FPR:;SPF:Pass;LANG:en;PTR:InfoDomainNonexistent;A:1;MX:1; X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2ba8e612-f6a4-49e6-bcf6-08d79d99ef7f X-MS-TrafficTypeDiagnostic: VI1PR08MB3791:|AM0PR08MB4612: X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true NoDisclaimer: True X-MS-Oob-TLC-OOBClassifiers: OLM:3826;OLM:3826; X-Forefront-PRVS: 0288CD37D9 X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: eZRmNgxPG5AvWtF1Y9+RdOaJwX3F9ThvrcSVBfHk3FfySiCdfjhcs0rUhNvIiEhUk44msIu311ADdHVbpFyTiNKuhAWwvwOnZgS0vzF27VIvC55mzVUSFYN2uZuBxixp22a19M+o9diAdN627le5UFpQ3TP4xqCSyjMHkJjuqGuD3RbL299lsnV28r7JHVgfCo/GIREJz4+6ILk4QkMUtwIpUq9n3S7Ls9QiYiu0RjJ4ap+g93MQfG1th1yaw1YTvBbjp9aLr+eaLhEGXB+2QOIhfWIKoETzUU70RC4FbyZaFuoYyowDt+iwuuEnoA0ra2m1quIPk29wGVp/+S+Va1Dwtl7MfM/cTsYiiU3pooX8oJbJ9PQ9jeH40R0fGdmaTl88LW6OGcrfR1jDH2I8tYVg8YO4tmXv2LYdiJoNJVjmPQaoqTlW3dnNx3s/RxDC X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB3791 Original-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=bestguesspass action=none header.from=arm.com; Return-Path: Krzysztof.Koch@arm.com X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT029.eop-EUR03.prod.protection.outlook.com X-Forefront-Antispam-Report: CIP:63.35.35.123;IPV:CAL;SCL:-1;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(396003)(376002)(346002)(136003)(39860400002)(189003)(199004)(6916009)(426003)(86362001)(36906005)(2906002)(186003)(336012)(81166006)(26005)(8936002)(316002)(2616005)(8676002)(70586007)(70206006)(15650500001)(54906003)(6666004)(44832011)(5660300002)(4326008)(1076003)(26826003)(81156014)(36756003)(478600001)(7696005);DIR:OUT;SFP:1101;SCL:1;SRVR:AM0PR08MB4612;H:64aa7808-outbound-1.mta.getcheckrecipient.com;FPR:;SPF:Pass;LANG:en;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;MX:1;A:1; X-MS-Office365-Filtering-Correlation-Id-Prvs: 45ff05ea-2bcc-453e-defd-08d79d99eb54 X-Forefront-PRVS: 0288CD37D9 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: VhjUa+gbcqifbEVzVcUqV/0cw3WrE7GXEupGPeIIhOGrGaErwKtJ54Bjhyr/Cg1V3zy2gCjAfjYymhypMNn0rBk4BftPpvaptW+2SQLJkwS2AymoHGcosokGuLJGY6RASR0BwVoX412+tdib4pvwf1wX6ZldkosshkoGWqeU0yQzHSADHXgyYVZlHC616riZWsqK5SooNG5VzHYOcybguoID9FFAYDCL3ihg3s1Vp3ZBGbFPjCrqN5PFPN8acXAmkhqUU4JxF43g3z5xQFYAY8geaITu0RhBxjH1L8wa5UBy/aZFBt7MCGYKNKSK0uAAH6RbApaarhi9b2GIhlAUjFlyFz7zTE3hSbStZYhdCjfedmvOMz2WDaPhuGJ8eu/9LsoxYm8mpKMjgqxH9lHxbY0/EEFY46TQz1tBWJV5MQi7Ul8CVTxKCWgU0+DnbK9L X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jan 2020 11:14:36.9287 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2ba8e612-f6a4-49e6-bcf6-08d79d99ef7f X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB4612 Content-Type: text/plain Check if global (in the scope of the DBG2 parser) pointers have been successfully updated before they are used for further table parsing. Signed-off-by: Krzysztof Koch --- Notes: v3: - Rebase on latest master [Krzysztof] v1: - Test against NULL pointers [Krzysztof] ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c | 43 ++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c index 869e700b9beda4886bf7bc5ae4ced3ab9a59efa3..0f730a306a94329a23fbaf54b59f1833b44616ba 100644 --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c @@ -123,6 +123,24 @@ DumpDbgDeviceInfo ( PARSER_PARAMS (DbgDevInfoParser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if ((GasCount == NULL) || + (NameSpaceStringLength == NULL) || + (NameSpaceStringOffset == NULL) || + (OEMDataLength == NULL) || + (OEMDataOffset == NULL) || + (BaseAddrRegOffset == NULL) || + (AddrSizeOffset == NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient Debug Device Information Structure length. " \ + L"Length = %d.\n", + Length + ); + return; + } + // GAS Index = 0; Offset = *BaseAddrRegOffset; @@ -224,6 +242,18 @@ ParseAcpiDbg2 ( PARSER_PARAMS (Dbg2Parser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if ((OffsetDbgDeviceInfo == NULL) || + (NumberDbgDeviceInfo == NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient table length. AcpiTableLength = %d\n", + AcpiTableLength + ); + return; + } + Offset = *OffsetDbgDeviceInfo; Index = 0; @@ -239,6 +269,19 @@ ParseAcpiDbg2 ( PARSER_PARAMS (DbgDevInfoHeaderParser) ); + // Check if the values used to control the parsing logic have been + // successfully read. + if (DbgDevInfoLen == NULL) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient remaining table buffer length to read the " \ + L"Debug Device Information structure's 'Length' field. " \ + L"RemainingTableBufferLength = %d.\n", + AcpiTableLength - Offset + ); + return; + } + // Make sure the Debug Device Information structure lies inside the table. if ((Offset + *DbgDevInfoLen) > AcpiTableLength) { IncrementErrorCount (); -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'