From: "Gao, Zhichao"
To: "devel@edk2.groups.io", "krzysztof.koch@arm.com"
CC: "Carsey, Jaben", "Ni, Ray", "Sami.Mujawar@arm.com", "Matteo.Carlini@arm.com", "nd@arm.com"
Subject: Re: [edk2-devel] [PATCH v1 00/11] Test against invalid pointers in acpiview
Date: Wed, 21 Aug 2019 01:46:30 +0000
Message-ID: <3CE959C139B4C44DBEA1810E3AA6F9000B8247EF@SHSMSX101.ccr.corp.intel.com>
References: <20190815131121.52644-1-krzysztof.koch@arm.com>
In-Reply-To: <20190815131121.52644-1-krzysztof.koch@arm.com>

For 1-2, 4, 6-11:
Reviewed-by: Zhichao Gao

Thanks,
Zhichao

> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> Krzysztof Koch
> Sent: Thursday, August 15, 2019 9:11 PM
> To: devel@edk2.groups.io
> Cc: Carsey, Jaben; Ni, Ray;
> Gao, Zhichao; Sami.Mujawar@arm.com;
> Matteo.Carlini@arm.com; nd@arm.com
> Subject: [edk2-devel] [PATCH v1 00/11] Test against invalid pointers in
> acpiview
>
> Prevent the use of invalid pointers when parsing ACPI tables in the UEFI shell
> acpiview tool.
>
> The parsing of ACPI tables is often controlled with the values read earlier
> from the same table. For example, the 'Offset' or 'Count' fields found in a
> structure are later used to parse the substructures. If such fields lie outside
> the structure's buffer length provided, then there is a possibility for a wild or
> dangling pointer.
>
> Currently, if the ParseAcpi() function terminates early because the end of
> the input table data buffer has been reached, then the pointers which were
> supposed to be updated by this function are left untouched.
> This is a security issue as the values pointed to by these pointers are later
> used for flow control.
>
> This patch series aims to solve this security issue by explicitly initializing any
> pointers lying outside the input ACPI data buffer to NULL and testing for
> NULL whenever these pointers are dereferenced.
>
> Changes can be seen at:
> https://github.com/KrzysztofKoch1/edk2/tree/612_add_pointer_validation_v1
>
> Krzysztof Koch (11):
>   ShellPkg: acpiview: Set ItemPtr to NULL for unprocessed table fields
>   ShellPkg: acpiview: RSDP: Validate global pointer before use
>   ShellPkg: acpiview: FADT: Validate global pointer before use
>   ShellPkg: acpiview: SLIT: Validate global pointer before use
>   ShellPkg: acpiview: SLIT: Validate System Locality count
>   ShellPkg: acpiview: SRAT: Validate global pointers before use
>   ShellPkg: acpiview: MADT: Validate global pointers before use
>   ShellPkg: acpiview: PPTT: Validate global pointers before use
>   ShellPkg: acpiview: IORT: Validate global pointers before use
>   ShellPkg: acpiview: GTDT: Validate global pointers before use
>   ShellPkg: acpiview: DBG2: Validate global pointers before use
>
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c              |  9 ++-
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c | 43 ++++++++++++++
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Fadt/FadtParser.c | 14 +++++
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c | 37 ++++++++++++
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Iort/IortParser.c | 52 +++++++++++++++++
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c | 13 +++++
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Pptt/PpttParser.c | 25 ++++++++
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Rsdp/RsdpParser.c | 12 ++++
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Slit/SlitParser.c | 61 ++++++++++++++++++--
>  ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Srat/SratParser.c | 13 +++++
>  10 files changed, 272 insertions(+), 7 deletions(-)
>
> --
> 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
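The pattern the cover letter describes, as an added C example that is not code from the patch series or from edk2: a field parser that writes every output pointer on each call (NULL when the field lies past the end of the buffer), and a consumer that tests for NULL and bounds-checks Count/Offset before using them. All names (`field_desc`, `parse_fields`, `usable_entries`), the 8-byte entry size and the table layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical descriptor for one fixed-position field of a table. */
typedef struct {
  uint32_t length;           /* field size in bytes */
  uint32_t offset;           /* offset from the start of the table */
  const uint8_t **item_ptr;  /* receives the field address */
} field_desc;

/* Globals set by the parser and read later for flow control. */
static const uint8_t *g_count;      /* 4-byte entry count */
static const uint8_t *g_entry_off;  /* 4-byte offset of the entry array */
static const field_desc demo_fields[] = { {4, 0, &g_count}, {4, 4, &g_entry_off} };

/* Returns how many fields fit in buf. Every item_ptr is written on each
   call: the field address when the field fits, NULL when it does not. */
size_t parse_fields(const uint8_t *buf, uint32_t buf_len) {
  size_t parsed = 0;
  for (size_t i = 0; i < sizeof demo_fields / sizeof demo_fields[0]; i++) {
    const field_desc *f = &demo_fields[i];
    /* Subtraction form avoids wrap-around in offset + length. */
    int fits = f->offset <= buf_len && f->length <= buf_len - f->offset;
    *f->item_ptr = fits ? buf + f->offset : NULL;
    parsed += (size_t)fits;
  }
  return parsed;
}

/* Number of 8-byte entries that may be walked, or -1 when a pointer was
   not set or the Count/Offset values reach outside the buffer. */
long usable_entries(uint32_t buf_len) {
  uint32_t count, off;
  if (g_count == NULL || g_entry_off == NULL) return -1;
  memcpy(&count, g_count, sizeof count);
  memcpy(&off, g_entry_off, sizeof off);
  if (off > buf_len || count > (buf_len - off) / 8) return -1;
  return (long)count;
}

int main(void) {
  uint8_t tbl[24] = {0};  /* constructed sample table: Count=2, Offset=8 */
  uint32_t v = 2; memcpy(tbl, &v, 4);
  v = 8; memcpy(tbl + 4, &v, 4);
  parse_fields(tbl, sizeof tbl);
  long ok = usable_entries(sizeof tbl);
  parse_fields(tbl, 6);   /* same table truncated to 6 bytes */
  return (ok == 2 && usable_entries(6) == -1) ? 0 : 1;
}
```

Without the NULL write in `parse_fields`, the second call would leave `g_entry_off` pointing at the value from the first parse, which is the stale-pointer case the cover letter calls out.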