Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>

 

- Bret

 

From: Michael D Kinney <michael.d.kinney@intel.com>
Sent: Wednesday, February 12, 2020 2:45:11 PM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Liming Gao <liming.gao@intel.com>; Sean Brogan <sean.brogan@microsoft.com>; Bret Barkelew <Bret.Barkelew@microsoft.com>
Subject: [EXTERNAL] [Patch] MdePkg/BaseSafeIntLib: Fix VS20xx IA32 link failures
 
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2525&amp;data=02%7C01%7CBret.Barkelew%40microsoft.com%7C42f4119d0b1e4cb0fa0e08d7b00d3970%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637171443157049083&amp;sdata=whRKJqlUj7Hq%2F%2BGtPO2ofn97iKwfKXV93RmYCair5l0%3D&amp;reserved=0

SafeUint64Mult() looks for 64-bit overflows and performs
several 32-bit multiples with 64-bit results to check for
all possible overflow conditions.  IA32 builds using VS20xx
with optimizations enabled are producing a reference to
the _allmull intrinsic.

The fix is to use MultU64x64() instead of '*' for
these operations.  These are safe because the inputs
are guaranteed to have the upper 32-bits clear, which
means MultU64x64() can never overflow with those inputs.

Cc: Liming Gao <liming.gao@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
---
 MdePkg/Library/BaseSafeIntLib/SafeIntLib.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c b/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c
index 0f6be6e064..eec8ac1ffd 100644
--- a/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c
+++ b/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c
@@ -3380,14 +3380,14 @@ SafeUint64Mult (
       //
       // a * d must be less than 2^32 or there would be bits set in the high 64-bits
       //
-      ProductAD = (((UINT64)DwordA) *(UINT64)DwordD);
+      ProductAD = MultU64x64 ((UINT64)DwordA, (UINT64)DwordD);
       if ((ProductAD & 0xffffffff00000000) == 0) {
         DwordB = (UINT32)Multiplicand;
 
         //
         // b * c must be less than 2^32 or there would be bits set in the high 64-bits
         //
-        ProductBC = (((UINT64)DwordB) *(UINT64)DwordC);
+        ProductBC = MultU64x64 ((UINT64)DwordB, (UINT64)DwordC);
         if ((ProductBC & 0xffffffff00000000) == 0) {
           //
           // now sum them all up checking for overflow.
@@ -3397,7 +3397,7 @@ SafeUint64Mult (
             //
             // b * d
             //
-            ProductBD = (((UINT64)DwordB) *(UINT64)DwordD);
+            ProductBD = MultU64x64 ((UINT64)DwordB, (UINT64)DwordD);
 
             if (!RETURN_ERROR (SafeUint64Add (UnsignedResult, ProductBD, &UnsignedResult))) {
               *Result = UnsignedResult;
--
2.21.0.windows.1