From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-ej1-f53.google.com (mail-ej1-f53.google.com [209.85.218.53])
 by mx.groups.io with SMTP id smtpd.web11.11511.1675333304939843723
 for <devel@edk2.groups.io>;
 Thu, 02 Feb 2023 02:21:45 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=NDSde+Q6;
 spf=pass (domain: gmail.com, ip: 209.85.218.53, mailfrom: savvamtr@gmail.com)
Received: by mail-ej1-f53.google.com with SMTP id p26so4454269ejx.13
        for <devel@edk2.groups.io>; Thu, 02 Feb 2023 02:21:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=vzxoyMOjwbNkp751n1o6iFzLittyABlWh1QqE8bSZ0k=;
        b=NDSde+Q6/oUx185KkqPR05y2oGEbYU+NI3j0wcypNjr3+IRk6GdziUOkvVy+8iGS6A
         mSnaHJ2PN5mMhXz6XjQnG5STh19hD4hljdY0hECOf+lMIvIezcQpOAmrD/50mu5vgf+N
         Jhe2XPGd+uepRV848JooQ/5lrFhyosn1j4SQvrlgvT4QK9oI8qKk2Q1gQxhu+WSHX/8M
         nM1EMs7qNy+ATJnnGs4hLWCWXkgpok+PgUsyXtaITuBB8PBb4wwP1dB+OPhyua6fgLyn
         TaCjoHaBbQDoiTcjxTedT7I/7Q4S0YCiv/GG1puCNeW53y9lg4XMHe4gxYd0X7PZ+2YY
         OFLQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=vzxoyMOjwbNkp751n1o6iFzLittyABlWh1QqE8bSZ0k=;
        b=yahqt5mYMML69lKp+uVkF3+K7TatM4s9QDULC34muQ0xVBJ/N4DoeRpnmkSQaeMLxZ
         2GbIk12p1DuwXayPr0Q6zmvyh+A43MdNn7YLXmncxd5MFSAvW6sS9bxSqh5p9b/+ob27
         q9p/eoVK0sGcFLgMyNdiPuQs/Fd7h9crFC4aRw1Fl+T+PQiknZk0UGvsrpEZ1RkqrvtL
         E6bmsHN1UWsMSY3jtnnCdc4UovLXqe28N4fBvOkLKNbKKfcQwe1ntsSgb7S9GTpuqFb9
         6xf6IIWTIefBQs71bSFAn7bPdVXyGswsWQFJoiDNeLljMhzVE63BijkfVAXdO6dbcwjD
         sAnw==
X-Gm-Message-State: AO0yUKVdP81bF73LgViBxcaLvqs377txh7HZXJlsf+uh0jQgA6bufh/7
	zdxwG/XdGnz37bd1b11Txm6pRquhGoAZjw==
X-Google-Smtp-Source: AK7set96UtqWP2IOlCnjdAH0EjSOvgHvyhzB5xr3MsEZ9K20D9ZTkNzvkeUY5pVVTCkvv6uiOcx+vg==
X-Received: by 2002:a17:906:4d50:b0:877:a7ec:5ff with SMTP id b16-20020a1709064d5000b00877a7ec05ffmr5650753ejv.10.1675333303306;
        Thu, 02 Feb 2023 02:21:43 -0800 (PST)
Return-Path: <savvamtr@gmail.com>
Received: from localhost.localdomain ([176.62.67.29])
        by smtp.gmail.com with ESMTPSA id ci22-20020a170906c35600b0087bcda2b07bsm10013121ejb.202.2023.02.02.02.21.42
        (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256);
        Thu, 02 Feb 2023 02:21:43 -0800 (PST)
From: "Savva Mitrofanov" <savvamtr@gmail.com>
To: devel@edk2.groups.io
Cc: =?UTF-8?q?Marvin=20H=C3=A4user?= <mhaeuser@posteo.de>,
	Pedro Falcato <pedro.falcato@gmail.com>,
	Vitaly Cheptsov <vit9696@protonmail.com>
Subject: [edk2-platforms][PATCH v4 06/12] Ext4Pkg: Corrects integer overflow check logic in DiskUtil
Date: Thu,  2 Feb 2023 16:21:27 +0600
Message-Id: <20230202102133.51606-7-savvamtr@gmail.com>
X-Mailer: git-send-email 2.39.1
In-Reply-To: <20230202102133.51606-1-savvamtr@gmail.com>
References: <20230202102133.51606-1-savvamtr@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Corrects multiplication overflow check code and adds additional check
for emptiness of number of blocks and block number

Cc: Marvin H=C3=A4user <mhaeuser@posteo.de>
Cc: Pedro Falcato <pedro.falcato@gmail.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Fixes: d9ceedca6c8f ("Ext4Pkg: Add Ext4Dxe driver.")
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
---
 Features/Ext4Pkg/Ext4Pkg.dsc        |  2 +-
 Features/Ext4Pkg/Ext4Dxe/DiskUtil.c | 18 ++++++++++++++----
 Features/Ext4Pkg/Ext4Dxe/Extents.c  | 15 ++++++++++++---
 3 files changed, 27 insertions(+), 8 deletions(-)

diff --git a/Features/Ext4Pkg/Ext4Pkg.dsc b/Features/Ext4Pkg/Ext4Pkg.dsc
index 59bc327ebf6e..621c63eaf92d 100644
--- a/Features/Ext4Pkg/Ext4Pkg.dsc
+++ b/Features/Ext4Pkg/Ext4Pkg.dsc
@@ -46,7 +46,7 @@
   DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf=0D
   OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib=
/BaseOrderedCollectionRedBlackTreeLib.inf=0D
   BaseUcs2Utf8Lib|RedfishPkg/Library/BaseUcs2Utf8Lib/BaseUcs2Utf8Lib.inf=0D
-  =0D
+=0D
   #=0D
   # Required for stack protector support=0D
   #=0D
diff --git a/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c b/Features/Ext4Pkg/Ext4Dxe=
/DiskUtil.c
index 32da35f7d9f5..5df9ce5bafcf 100644
--- a/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c
+++ b/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c
@@ -54,17 +54,20 @@ Ext4ReadBlocks (
   UINT64  Offset;=0D
   UINTN   Length;=0D
 =0D
+  ASSERT (NumberBlocks !=3D 0);=0D
+  ASSERT (BlockNumber !=3D EXT4_BLOCK_FILE_HOLE);=0D
+=0D
   Offset =3D MultU64x32 (BlockNumber, Partition->BlockSize);=0D
   Length =3D NumberBlocks * Partition->BlockSize;=0D
 =0D
   // Check for overflow on the block -> byte conversions.=0D
   // Partition->BlockSize is never 0, so we don't need to check for that.=
=0D
 =0D
-  if (Offset > DivU64x32 ((UINT64)-1, Partition->BlockSize)) {=0D
+  if (DivU64x64Remainder (Offset, BlockNumber, NULL) !=3D Partition->Block=
Size) {=0D
     return EFI_INVALID_PARAMETER;=0D
   }=0D
 =0D
-  if (Length > (UINTN)-1/Partition->BlockSize) {=0D
+  if (Length / NumberBlocks !=3D Partition->BlockSize) {=0D
     return EFI_INVALID_PARAMETER;=0D
   }=0D
 =0D
@@ -92,14 +95,21 @@ Ext4AllocAndReadBlocks (
   VOID   *Buf;=0D
   UINTN  Length;=0D
 =0D
+  // Check that number of blocks isn't empty, because=0D
+  // this is incorrect condition for opened partition,=0D
+  // so we just early-exit=0D
+  if ((NumberBlocks =3D=3D 0) || (BlockNumber =3D=3D EXT4_BLOCK_FILE_HOLE)=
) {=0D
+    return NULL;=0D
+  }=0D
+=0D
   Length =3D NumberBlocks * Partition->BlockSize;=0D
 =0D
-  if (Length > (UINTN)-1/Partition->BlockSize) {=0D
+  // Check for integer overflow=0D
+  if (Length / NumberBlocks !=3D Partition->BlockSize) {=0D
     return NULL;=0D
   }=0D
 =0D
   Buf =3D AllocatePool (Length);=0D
-=0D
   if (Buf =3D=3D NULL) {=0D
     return NULL;=0D
   }=0D
diff --git a/Features/Ext4Pkg/Ext4Dxe/Extents.c b/Features/Ext4Pkg/Ext4Dxe/=
Extents.c
index e1001d0a4292..99cb0f204fc2 100644
--- a/Features/Ext4Pkg/Ext4Dxe/Extents.c
+++ b/Features/Ext4Pkg/Ext4Dxe/Extents.c
@@ -237,6 +237,7 @@ Ext4GetExtent (
   EXT4_EXTENT_HEADER  *ExtHeader;=0D
   EXT4_EXTENT_INDEX   *Index;=0D
   EFI_STATUS          Status;=0D
+  EXT4_BLOCK_NR       BlockNumber;=0D
 =0D
   Inode  =3D File->Inode;=0D
   Ext    =3D NULL;=0D
@@ -288,7 +289,16 @@ Ext4GetExtent (
     // Therefore, we can use binary search, and it's actually the standard=
 for doing so=0D
     // (see FreeBSD).=0D
 =0D
-    Index =3D Ext4BinsearchExtentIndex (ExtHeader, LogicalBlock);=0D
+    Index       =3D Ext4BinsearchExtentIndex (ExtHeader, LogicalBlock);=0D
+    BlockNumber =3D Ext4ExtentIdxLeafBlock (Index);=0D
+=0D
+    // Check that block isn't file hole=0D
+    if (BlockNumber =3D=3D EXT4_BLOCK_FILE_HOLE) {=0D
+      if (Buffer !=3D NULL) {=0D
+        FreePool (Buffer);=0D
+      }=0D
+      return EFI_NO_MAPPING;=0D
+    }=0D
 =0D
     if (Buffer =3D=3D NULL) {=0D
       Buffer =3D AllocatePool (Partition->BlockSize);=0D
@@ -298,8 +308,7 @@ Ext4GetExtent (
     }=0D
 =0D
     // Read the leaf block onto the previously-allocated buffer.=0D
-=0D
-    Status =3D Ext4ReadBlocks (Partition, Buffer, 1, Ext4ExtentIdxLeafBloc=
k (Index));=0D
+    Status =3D Ext4ReadBlocks (Partition, Buffer, 1, BlockNumber);=0D
     if (EFI_ERROR (Status)) {=0D
       FreePool (Buffer);=0D
       return Status;=0D
--=20
2.39.1