From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 by mx.groups.io with SMTP id smtpd.web11.87483.1669532431869733978
 for <devel@edk2.groups.io>;
 Sat, 26 Nov 2022 23:00:31 -0800
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=eGkGkF5u;
 spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: min.m.xu@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1669532431; x=1701068431;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=IRGmsSgiFvtlhVGb5etMdlsybzw2ys8NQvaWwlqKfMo=;
  b=eGkGkF5uIRsK7P0vf3Evlps6cyr5Fy2UTcwhS75pG4Q5gab/Mk+zePFt
   4w6Lgj18l2etZ65YRwgYR7Px4qB5Id0FGPKd3ZhqRKVyAnGvnX6WaC8co
   MevCYgW9cd4CaIOBdrrHgOlWmEcnGtySAEuQKjk1IA2cg6pt64SA728VH
   N6W4tyJNE73tnENl43OwSxek3AoCmiovkcCSnWJ6P0Ti0Cu7acMRsgK+x
   F5mj5jiWlcD+oGo7TuvKNZ7O08Ew15mQhDwGFgYB/Ee/wQZ+OkwrLMJsh
   TIsFSkELfAOmEEr2HjGH4FgXGSNEK6ca/fJiDEJCU72ZX5T7mNnj4yz1u
   w==;
X-IronPort-AV: E=McAfee;i="6500,9779,10543"; a="341557313"
X-IronPort-AV: E=Sophos;i="5.96,197,1665471600"; 
   d="scan'208";a="341557313"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Nov 2022 23:00:31 -0800
X-IronPort-AV: E=McAfee;i="6500,9779,10543"; a="731791363"
X-IronPort-AV: E=Sophos;i="5.96,197,1665471600"; 
   d="scan'208";a="731791363"
Received: from mxu9-mobl1.ccr.corp.intel.com ([10.249.169.57])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Nov 2022 23:00:29 -0800
From: "Min Xu" <min.m.xu@intel.com>
To: devel@edk2.groups.io
Cc: Min M Xu <min.m.xu@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
	James Bottomley <jejb@linux.ibm.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH V1 1/1] OvmfPkg/PlatformInitLib: Add check to NvVarStoreFV HeaderLength
Date: Sun, 27 Nov 2022 15:00:14 +0800
Message-Id: <20221127070014.479-1-min.m.xu@intel.com>
X-Mailer: git-send-email 2.29.2.windows.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

From: Min M Xu <min.m.xu@intel.com>

There should be a check that the FV HeaderLength cannot be an odd
number. Otherwise in the following CalculateSum16 there would be an
ASSERT.

In ValidateFvHeader@QemuFlashFvbServicesRuntimeDxe/FwBlockServices.c
there a is similar check to the FwVolHeader->HeaderLength.

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 OvmfPkg/Library/PlatformInitLib/Platform.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c b/OvmfPkg/Library/PlatformInitLib/Platform.c
index 2582689ffe35..77f22de046f2 100644
--- a/OvmfPkg/Library/PlatformInitLib/Platform.c
+++ b/OvmfPkg/Library/PlatformInitLib/Platform.c
@@ -653,6 +653,7 @@ PlatformValidateNvVarStore (
       (!CompareGuid (&FvHdrGUID, &NvVarStoreFvHeader->FileSystemGuid)) ||
       (NvVarStoreFvHeader->Signature != EFI_FVH_SIGNATURE) ||
       (NvVarStoreFvHeader->Attributes != 0x4feff) ||
+      ((NvVarStoreFvHeader->HeaderLength & 0x01) != 0) ||
       (NvVarStoreFvHeader->Revision != EFI_FVH_REVISION) ||
       (NvVarStoreFvHeader->FvLength != NvVarStoreSize)
       )
-- 
2.29.2.windows.2