From: "Gao, Zhichao"
To: Krzysztof Koch, "devel@edk2.groups.io"
CC: "Carsey, Jaben", "Ni, Ray", "Sami.Mujawar@arm.com", "Matteo.Carlini@arm.com", "nd@arm.com"
Subject: Re: [PATCH v1 1/6] ShellPkg: acpiview: Allow passing buffer length to DumpGasStruct()
Date: Fri, 19 Jul 2019 01:14:39 +0000
Message-ID: <3CE959C139B4C44DBEA1810E3AA6F9000B808DB0@SHSMSX101.ccr.corp.intel.com>
References: <20190718123142.5696-1-krzysztof.koch@arm.com> <20190718123142.5696-2-krzysztof.koch@arm.com>
In-Reply-To: <20190718123142.5696-2-krzysztof.koch@arm.com>

> -----Original Message-----
> From: Krzysztof Koch [mailto:krzysztof.koch@arm.com]
> Sent: Thursday, July 18, 2019 8:32 PM
> To: devel@edk2.groups.io
> Cc: Carsey, Jaben; Ni, Ray; Gao, Zhichao; Sami.Mujawar@arm.com;
> Matteo.Carlini@arm.com; nd@arm.com
> Subject: [PATCH v1 1/6] ShellPkg: acpiview: Allow passing buffer length to
> DumpGasStruct()
>
> Modify the signature of the DumpGasStruct() function to include the buffer
> length parameter and to return the number of bytes parsed by the function.
>
> This way it becomes possible to prevent buffer overruns when dumping
> Generic Address Structure's (GAS) fields in the acpiview table parsers.
>
> Update all existing DumpGasStruct() calls in acpiview to add the length
> argument.
>
> Signed-off-by: Krzysztof Koch > --- >=20 > Notes: > v1: > - Modify DumpGasStruct() signature [Krzysztof] >=20 > ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c |= 26 > +++++++++++--------- > ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.h |= 8 > ++++-- >=20 > ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c > | 2 +- > 3 files changed, 22 insertions(+), 14 deletions(-) >=20 > diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c > b/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c > index > 8b3153516d2b7d9b920ab2de0344c17798ac572c..2d6ff80e299eebe7853061d3 > db89332197c0dc0e 100644 > --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c > +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c > @@ -589,23 +589,27 @@ STATIC CONST ACPI_PARSER GasParser[] =3D { >=20 > @param [in] Ptr Pointer to the start of the buffer. > @param [in] Indent Number of spaces to indent the output. > + @param [in] Length Length of the GAS structure buffer. > + > + @retval Number of bytes parsed. > **/ > -VOID > +UINT32 > EFIAPI > DumpGasStruct ( > IN UINT8* Ptr, > - IN UINT32 Indent > + IN UINT32 Indent, > + IN UINT32 Length > ) > { > Print (L"\n"); > - ParseAcpi ( > - TRUE, > - Indent, > - NULL, > - Ptr, > - GAS_LENGTH, > - PARSER_PARAMS (GasParser) > - ); > + return ParseAcpi ( > + TRUE, > + Indent, > + NULL, > + Ptr, > + Length, > + PARSER_PARAMS (GasParser) > + ); > } >=20 > /** > @@ -621,7 +625,7 @@ DumpGas ( > IN UINT8* Ptr > ) > { > - DumpGasStruct (Ptr, 2); > + DumpGasStruct (Ptr, 2, GAS_LENGTH); > } >=20 > /** > diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.h > b/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.h > index > 7657892d9fd2e2e14c6578611ff0cf1b6f6cd750..20ca358bddfa5953bfb1d1beba > ebbf3079eaba01 100644 > --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.h > +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.h 
> @@ -405,12 +405,16 @@ ParseAcpi ( >=20 > @param [in] Ptr Pointer to the start of the buffer. > @param [in] Indent Number of spaces to indent the output. > + @param [in] Length Length of the GAS structure buffer. > + > + @retval Number of bytes parsed. > **/ > -VOID > +UINT32 > EFIAPI > DumpGasStruct ( > IN UINT8* Ptr, > - IN UINT32 Indent > + IN UINT32 Indent, > + IN UINT32 Length > ); >=20 > /** > diff --git > a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parse > r.c > b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parse > r.c > index > 8de5ebf74775bab8e765849cba6ef4eb6f659a5a..2c47a3f848aa2dd512c53343e > cf1c3c285173dd6 100644 > --- > a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parse > r.c > +++ > b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Pars > +++ er.c > @@ -164,7 +164,7 @@ DumpDbgDeviceInfo ( > AddrSize =3D (UINT32*)(Ptr + (*AddrSizeOffset)); > while (Index < (*GasCount)) { > PrintFieldName (4, L"BaseAddressRegister"); > - DumpGasStruct (DataPtr, 4); > + DumpGasStruct (DataPtr, 4, *DbgDevInfoLen);

This input length should be GAS_LENGTH. *DbgDevInfoLen is the length of the whole structure and the DataPtr is increased during the loop. Inputting such a length would give the ParseAcpi function a chance to overrun the DataPtr.

Thanks,
Zhichao

> PrintFieldName (4, L"Address Size"); > Print (L"0x%x\n", AddrSize[Index]); > DataPtr +=3D GAS_LENGTH; > -- > 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' >=20
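
Review bot: in the AcpiParser.c hunk at @@ -589, DumpGasStruct() forwards the caller's Length to ParseAcpi() where GAS_LENGTH used to be, but nothing in the function compares Length with GAS_LENGTH and the comment block does not say what is returned for a buffer shorter than one GAS. Document the short-buffer result and that callers are expected to check it, or validate Length here before the ParseAcpi() call. The added comment line `@retval Number of bytes parsed.` describes a general result rather than a specific value, which the EDK II doc-comment convention tags with `@return`; the same applies to the matching prototype comment in AcpiParser.h.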
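
Review bot: the updated call in the DumpGas() hunk, `DumpGasStruct (Ptr, 2, GAS_LENGTH);`, passes the same constant that was hard-coded before and discards the new UINT32 return value, so this path is bounded no more tightly than it was before the patch. If DumpGas() cannot learn how many bytes remain at Ptr, state that limitation in its comment block; otherwise pass the remaining length through and act on the returned byte count.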
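
Review bot: in the Dbg2Parser.c hunk, the new argument `*DbgDevInfoLen` stays constant across the while loop in DumpDbgDeviceInfo() while `DataPtr += GAS_LENGTH` advances the pointer on every iteration, so the length handed to DumpGasStruct() does not describe the bytes left at DataPtr and the mismatch grows with each GAS entry. Pass GAS_LENGTH as the reply above asks, or the number of bytes remaining between DataPtr and the end of the device information structure, and compare the value DumpGasStruct() returns with GAS_LENGTH before advancing DataPtr so that a truncated entry ends the loop.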