From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: zhichao.gao@intel.com) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by groups.io with SMTP; Tue, 25 Jun 2019 21:36:50 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 25 Jun 2019 21:36:49 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.63,418,1557212400"; d="scan'208";a="155744880" Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201]) by orsmga008.jf.intel.com with ESMTP; 25 Jun 2019 21:36:49 -0700 Received: from fmsmsx157.amr.corp.intel.com (10.18.116.73) by FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 25 Jun 2019 21:36:48 -0700 Received: from shsmsx108.ccr.corp.intel.com (10.239.4.97) by FMSMSX157.amr.corp.intel.com (10.18.116.73) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 25 Jun 2019 21:36:48 -0700 Received: from shsmsx101.ccr.corp.intel.com ([169.254.1.87]) by SHSMSX108.ccr.corp.intel.com ([169.254.8.236]) with mapi id 14.03.0439.000; Wed, 26 Jun 2019 12:36:46 +0800 From: "Gao, Zhichao" To: "Ni, Ray" , "Dong, Eric" , "devel@edk2.groups.io" CC: Laszlo Ersek , "Gao, Liming" Subject: Re: [PATCH V2] UefiCpuPkg/MpInitLib: MicrocodeDetect: Ensure checked range is valid Thread-Topic: [PATCH V2] UefiCpuPkg/MpInitLib: MicrocodeDetect: Ensure checked range is valid Thread-Index: AQHVK2jjULqZ9GU+TEaeyNUWtHhRiaatGhPg//+OBQCAAKQJ8A== Date: Wed, 26 Jun 2019 04:36:45 +0000 Message-ID: <3CE959C139B4C44DBEA1810E3AA6F9000B7F7452@SHSMSX101.ccr.corp.intel.com> References: <20190625151541.28632-1-zhichao.gao@intel.com> <734D49CCEBEEF84792F5B80ED585239D5C1F0A34@SHSMSX104.ccr.corp.intel.com> In-Reply-To: <734D49CCEBEEF84792F5B80ED585239D5C1F0A34@SHSMSX104.ccr.corp.intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: zhichao.gao@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable > -----Original Message----- > From: Ni, Ray > Sent: Wednesday, June 26, 2019 9:58 AM > To: Dong, Eric ; Gao, Zhichao > ; devel@edk2.groups.io > Cc: Laszlo Ersek ; Gao, Liming > Subject: RE: [PATCH V2] UefiCpuPkg/MpInitLib: MicrocodeDetect: Ensure > checked range is valid >=20 > > > @@ -170,6 +170,7 @@ MicrocodeDetect ( > > > /// Check overflow and whether TotalSize is aligned with 4 bytes= . > > > /// > > > if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd || > > > + ((UINTN)MicrocodeEntryPoint + TotalSize) < (UINTN) > > > + CpuMpData->MicrocodePatchAddress || >=20 > How about below check? > First comparison hits when the sum of MicrocodeEntryPoint and TotalSize > overflows. > Second comparison hits when the sum crosses the boundary of the whole > microcode buffer boundary If (((UINTN) MicrocodeEntryPoint > MAX_UINTN > - TotalSize) || ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd) Your advice is better. It avoid the sum of MicrocodeEntryPoint and TotalSiz= e bigger than CpuMpData->MicrocodePatchAddress and less than MicrocodeEntry= Point. I would update it with your comments. Thanks, Zhichao >=20 >=20 > > > (TotalSize & 0x3) !=3D 0 > > > ) { > > > MicrocodeEntryPoint =3D (CPU_MICROCODE_HEADER *) (((UINTN) > > > MicrocodeEntryPoint) + SIZE_1KB); > > > -- > > > 2.21.0.windows.1