From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177])
 by mx.groups.io with SMTP id smtpd.web10.294.1616802114318920430
 for <devel@edk2.groups.io>;
 Fri, 26 Mar 2021 16:41:54 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20161025 header.b=rx3mYXi0;
 spf=pass (domain: gmail.com, ip: 209.85.210.177, mailfrom: kuqin12@gmail.com)
Received: by mail-pf1-f177.google.com with SMTP id q5so5879597pfh.10
        for <devel@edk2.groups.io>; Fri, 26 Mar 2021 16:41:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=VESkMP2X10ujkaHvFAadJhY3C7au7ThXNWl7BvPFquc=;
        b=rx3mYXi0Bf90ITCgZCZp4c3ikTskfgvk8zOQ3N7iqtfhVh9yQ0eC/iAmbP+8Z/9GGf
         C4gSns6YmWetfeZIhaDW4NcYkGSoPnwWH57Wb2fD+rpLLBxlRE4jrDwAGXiu+LYGyAA2
         HKEFak5x+Bv87pcBDOschXTp2Fgpv3fpWXtgilQ0AV4OGVPmI/oIoX370DXDHjzLHBww
         H6ICH6KieDvkynJCviiSs2dGweGd+y8a9iCUfBEMzOW8t+dYwrhbNJMU1rItNsCMolau
         wKNszJnKIVbZ0VA33+gJGn/e3eJJf3igbEFi/K2AkMKpNuaDiR2fMQ6OZzECzRUjpX2H
         zyqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=VESkMP2X10ujkaHvFAadJhY3C7au7ThXNWl7BvPFquc=;
        b=jds+/hfwbLqAeA8CXXJkgecrsz4HqE60/MlT6X3N9GAzpktTQecwvax+8mWXeHtfaH
         Q8AKrJapTETfvPN4FBWOhz4WuM848eU8L+JfTYzRDiUy6btO057rQOP6qnMMV9B8DgKu
         xv7XFHZy9vST9yEV8Pk5eWZSHUPE7x7Uj8I8I+5zKbCSx7R52ZX3lIiyJG1ym5u8MUas
         s7m1eVj1R+J8CIWl3jB9bjAYKpc/3nXawhFTX+qjjTLVenX/550qyOyelPC5W8XqhOfC
         6bpWDH68MsK9NrgU6z9No0BrcVibnzSINMR5ivRiGfc/+NLyY+WxOI5JfNslz/dwqhkW
         jxYA==
X-Gm-Message-State: AOAM531bB9epJJxfw/qMhIW9NQJFHJGAw5E9oiNG3Dj73JbGbZbgcqqJ
	Qoz5pXck3EMwF8CvmksGNHh1zYIrOPZ1zA==
X-Google-Smtp-Source: ABdhPJztC4W6pIqOYVKkD/JvVIqclzN/DDWsZLgpEeFDca2ASGVMtC1ZP6mlfutlSduAdv4L2HIfrw==
X-Received: by 2002:a63:ea53:: with SMTP id l19mr13867994pgk.176.1616802113681;
        Fri, 26 Mar 2021 16:41:53 -0700 (PDT)
Return-Path: <kuqin12@gmail.com>
Received: from localhost.localdomain ([50.35.88.161])
        by smtp.gmail.com with ESMTPSA id q20sm9837248pgh.17.2021.03.26.16.41.53
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 26 Mar 2021 16:41:53 -0700 (PDT)
From: "Kun Qin" <kuqin12@gmail.com>
To: devel@edk2.groups.io
Cc: Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Rahul Kumar <rahul1.kumar@intel.com>
Subject: [PATCH v1 0/1] Add buffer size check before save state read
Date: Fri, 26 Mar 2021 16:41:41 -0700
Message-Id: <20210326234142.1973-1-kuqin12@gmail.com>
X-Mailer: git-send-email 2.31.0.windows.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3283

This change added buffer width check before copying IO information into
incoming buffer. This bug could potentially corrupt memory due to out of
buffer boundary memory access.

Patch v1 branch: https://github.com/kuqin12/edk2/tree/svst_width_v1

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>

Kun Qin (1):
  UefiCpuPkg: PiSmmCpuDxeSmm: Check buffer size before accessing

 UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c | 7 +++++++
 1 file changed, 7 insertions(+)

-- 
2.31.0.windows.1