From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 471D7AC120C for ; Wed, 27 Sep 2023 15:51:44 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=+mSm9ckjHqPaAd5ymvDwDxmiiaDWn/hSFuftAiuBlm0=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20140610; t=1695829902; v=1; b=EXDvIYWvZerwdoXTuX3MZ9zL3kZ2DqJ0EUG5uZRaKys2t+fONItooAkw+93cFNk4Army9Uk0 QS0zwkB3IQSennA4W4zTPKbjIYd+oGyaiZMyymIYYARqgS+3o3NP1btojO0fJcQB1y0j/etznVM QtEB3tDhiOq4SZt8bWbCx/X4= X-Received: by 127.0.0.2 with SMTP id FmSvYY7687511xgMn4h7EYWe; Wed, 27 Sep 2023 08:51:42 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web11.21111.1695829902320589544 for ; Wed, 27 Sep 2023 08:51:42 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10846"; a="372206096" X-IronPort-AV: E=Sophos;i="6.03,181,1694761200"; d="scan'208";a="372206096" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Sep 2023 08:51:41 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10846"; a="752641408" X-IronPort-AV: E=Sophos;i="6.03,181,1694761200"; d="scan'208";a="752641408" X-Received: from kjurczyk-mobl1.ger.corp.intel.com (HELO malbecki-mobl2.intel.com) ([10.213.9.18]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Sep 2023 08:51:39 -0700 From: "Albecki, Mateusz" To: devel@edk2.groups.io Cc: Mateusz Albecki , Michael D Kinney , Liming Gao , Zhiguang Liu Subject: [edk2-devel] [PATCHv2 0/2] MdePkg/UefiDevicePathLib: Fix buffer overflows in DevPathToTextAcpiEx Date: Wed, 27 Sep 2023 17:51:21 +0200 Message-Id: <20230927155123.1465365-1-mateusz.albecki@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,mateusz.albecki@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: YFozXawOyBkMZTJcxY6JsdGqx7686176AA= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=EXDvIYWv; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4555 Github PR: https://github.com/tianocore/edk2/pull/4865 Fix for buffer overlows that arise in DevPathToTextAcpiEx when device path = node producer doesn't specify all of the optional strings. Changes in v2: - Fix AcpiExp print logic that got broken in V1 - Don't pass NULL string to print function Tests: - Booted the platform and confirmed that platform doesn't hang when special= pool is enabled (special pool detects accesses outside of allocated pool) - Examined the output of the DevPathToTextAcpiEx, here are some example str= ings: AcpiEx(@@@0000,@@@0000,0x0,INTC10E7,,) - this device path doesn't specify= UIDSTR and CIDSTR PciRoot(0x0)/AcpiEx(UAR0002,@@@0000,0x0,UART2,,) - this device path speci= fies empty UIDSTR and CIDSTR - Unit tests added in second patch are passing Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Mateusz Albecki (2): MdePkg/UefiDevicePathLib: Fix AcpiEx print logic MdePkg/Test: Add DevicePathLib host test module .../UefiDevicePathLib/DevicePathToText.c | 69 +- MdePkg/MdePkg.ci.yaml | 5 +- MdePkg/Test/MdePkgHostTest.dsc | 2 + .../Library/DevicePathLib/TestDevicePathLib.c | 638 ++++++++++++++++++ .../Library/DevicePathLib/TestDevicePathLib.h | 26 + .../DevicePathLib/TestDevicePathLibHost.inf | 33 + .../TestDevicePathStringConversions.c | 370 ++++++++++ 7 files changed, 1115 insertions(+), 28 deletions(-) create mode 100644 MdePkg/Test/UnitTest/Library/DevicePathLib/TestDevicePa= thLib.c create mode 100644 MdePkg/Test/UnitTest/Library/DevicePathLib/TestDevicePa= thLib.h create mode 100644 MdePkg/Test/UnitTest/Library/DevicePathLib/TestDevicePa= thLibHost.inf create mode 100644 MdePkg/Test/UnitTest/Library/DevicePathLib/TestDevicePa= thStringConversions.c --=20 2.39.2 --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Slowackiego 173 | 80-298 Gdansk | Sad Rejonowy Gdansk Polnoc | VII Wydz= ial Gospodarczy Krajowego Rejestru Sadowego - KRS 101882 | NIP 957-07-52-31= 6 | Kapital zakladowy 200.000 PLN. Spolka oswiadcza, ze posiada status duzego przedsiebiorcy w rozumieniu usta= wy z dnia 8 marca 2013 r. o przeciwdzialaniu nadmiernym opoznieniom w trans= akcjach handlowych. Ta wiadomosc wraz z zalacznikami jest przeznaczona dla okreslonego adresata= i moze zawierac informacje poufne. W razie przypadkowego otrzymania tej wi= adomosci, prosimy o powiadomienie nadawcy oraz trwale jej usuniecie; jakiek= olwiek przegladanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the s= ole use of the intended recipient(s). If you are not the intended recipient= , please contact the sender and delete all copies; any review or distributi= on by others is strictly prohibited. -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109124): https://edk2.groups.io/g/devel/message/109124 Mute This Topic: https://groups.io/mt/101619975/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-