Hi Guomin,
I think you missed one at line 435, function PowerButtonPhaseToString().
Regards,
Jian
From: Jiang, Guomin <guomin.jiang@intel.com>
Sent: Monday, March 30, 2020 9:32 AM
To: devel@edk2.groups.io; newexplorerj@gmail.com; GuoMinJ via Groups.Io <newexplorerj=gmail.com@groups.io>
Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>
Subject: RE: [edk2-devel] [PATCH] MdeModulePkg/SmiHandlerProfileInfo: Overflowed Array Index
Hi Jian, Hao,
Could you please help review this change?
Thanks
From:
devel@edk2.groups.io [mailto:devel@edk2.groups.io]
On Behalf Of GuoMinJ
Sent: Thursday, March 26, 2020 2:11 PM
To: devel@edk2.groups.io;
newexplorerj@gmail.com; GuoMinJ via Groups.Io <newexplorerj=gmail.com@groups.io>
Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>
Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/SmiHandlerProfileInfo: Overflowed Array Index
Hi jiang, hao
could you please help verify this change.
-------- Original message --------
From: "GuoMinJ via Groups.Io" <newexplorerj=gmail.com@groups.io>
Date: Sat, Feb 22, 2020, 1:19 PM
To: devel@edk2.groups.io
Cc: GuoMinJ <newexplorerj@gmail.com>
Subject: [edk2-devel] [PATCH] MdeModulePkg/SmiHandlerProfileInfo: Overflowed Array Index
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2272
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2289
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2290
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2287
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2288
Index should be off-by one than size of array, so when check
array, the max index should less than size of array.
Signed-off-by: GuoMinJ <newexplorerj@gmail.com>
---
.../SmiHandlerProfileInfo/SmiHandlerProfileInfo.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/MdeModulePkg/Application/SmiHandlerProfileInfo/SmiHandlerProfileInfo.c b/MdeModulePkg/Application/SmiHandlerProfileInfo/SmiHandlerProfileInfo.c
index 0f7163160b..4f195b16ce 100644
--- a/MdeModulePkg/Application/SmiHandlerProfileInfo/SmiHandlerProfileInfo.c
+++ b/MdeModulePkg/Application/SmiHandlerProfileInfo/SmiHandlerProfileInfo.c
@@ -382,7 +382,7 @@ SxTypeToString (
IN EFI_SLEEP_TYPE Type
)
{
- if (Type >= 0 && Type <= ARRAY_SIZE(mSxTypeString)) {
+ if (Type >= 0 && Type < ARRAY_SIZE(mSxTypeString)) {
return mSxTypeString[Type];
} else {
AsciiSPrint (mNameString, sizeof(mNameString), "0x%x", Type);
@@ -407,7 +407,7 @@ SxPhaseToString (
IN EFI_SLEEP_PHASE Phase
)
{
- if (Phase >= 0 && Phase <= ARRAY_SIZE(mSxPhaseString)) {
+ if (Phase >= 0 && Phase < ARRAY_SIZE(mSxPhaseString)) {
return mSxPhaseString[Phase];
} else {
AsciiSPrint (mNameString, sizeof(mNameString), "0x%x", Phase);
@@ -457,7 +457,7 @@ StandbyButtonPhaseToString (
IN EFI_STANDBY_BUTTON_PHASE Phase
)
{
- if (Phase >= 0 && Phase <= ARRAY_SIZE(mStandbyButtonPhaseString)) {
+ if (Phase >= 0 && Phase < ARRAY_SIZE(mStandbyButtonPhaseString)) {
return mStandbyButtonPhaseString[Phase];
} else {
AsciiSPrint (mNameString, sizeof(mNameString), "0x%x", Phase);
@@ -483,7 +483,7 @@ IoTrapTypeToString (
IN EFI_SMM_IO_TRAP_DISPATCH_TYPE Type
)
{
- if (Type >= 0 && Type <= ARRAY_SIZE(mIoTrapTypeString)) {
+ if (Type >= 0 && Type < ARRAY_SIZE(mIoTrapTypeString)) {
return mIoTrapTypeString[Type];
} else {
AsciiSPrint (mNameString, sizeof(mNameString), "0x%x", Type);
@@ -508,7 +508,7 @@ UsbTypeToString (
IN EFI_USB_SMI_TYPE Type
)
{
- if (Type >= 0 && Type <= ARRAY_SIZE(mUsbTypeString)) {
+ if (Type >= 0 && Type < ARRAY_SIZE(mUsbTypeString)) {
return mUsbTypeString[Type];
} else {
AsciiSPrint (mNameString, sizeof(mNameString), "0x%x", Type);
--
2.17.1