From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web12.4705.1610521105720743270 for ; Tue, 12 Jan 2021 22:58:25 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=Po0yU4j3; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: zhichao.gao@intel.com) IronPort-SDR: odxxJCwlRRJCGl4vCWCih+i/OXVVT1IMyxwuqoWhABb6Bsc6u52JpAn4SMslyHp3JrF3afGOzh oBdIqEOX9klg== X-IronPort-AV: E=McAfee;i="6000,8403,9862"; a="165249035" X-IronPort-AV: E=Sophos;i="5.79,343,1602572400"; d="scan'208";a="165249035" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Jan 2021 22:58:24 -0800 IronPort-SDR: FgIbDPLHBsPqhjQSRo0GqOQDyY+G3C4oOjt0Dv9Yu5Mqgu26Im3/ND9sbhounCI4v+vgZ/Rhxf uk09BvrmxYag== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.79,343,1602572400"; d="scan'208";a="464797785" Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by fmsmga001.fm.intel.com with ESMTP; 12 Jan 2021 22:58:24 -0800 Received: from fmsmsx606.amr.corp.intel.com (10.18.126.86) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Tue, 12 Jan 2021 22:58:23 -0800 Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5 via Frontend Transport; Tue, 12 Jan 2021 22:58:23 -0800 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.47) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1713.5; Tue, 12 Jan 2021 22:58:23 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JOVL7tOnjzaCCUap5iF1eDKh9ZyXSuRuR54IOL6oNDFUU1rBzbzcgMcwDQnipaD45FbUm1ORdw11E/AICCw43vAEmpPLW//KF2mOxZUJ9uW5KH2U1yoPob9z8Gciyv8tb4r/Zr+2vtIPFgkUurUWRrqZvP9tXU41aMw7RKufVbd6rG6w3AiLl8VjzgrGaUP4MBvYuQS+2KVvNYZ85e89MID13QRgtUgtBcOmQOn++V3EHzYzsG4WtF5IuJPi/tx0fHXM6xaG+mLwJ1CPS/8MDvbLpUNiVHnqhaHAnvvXvhZ3XkNckmy52XL+UB7Z2x2D0TM5u7j7NVU7y9Yq4BEbcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EzxKUBZ2TQqv+Yd+fV9W86kfXPDuBfmA2yYUEZ1cqjQ=; b=gcS5oYwBlLqSrvng9Nry2AjZ/bI528FjaWrOibvCwHWrKs7th3y9Q3ztYiQUnrionWvSqd335+CkuK4+R8ZnNYem3DaQNrPIf9J/mbEFIpG3ePtRhYPtRFeS63Igsetv0MnVNoJt53QnlQ07n5c7i+rdVBNDDf/GIjMpq3TENRYqb6oqE3Llo7yEkaT8+xZgrZb2/5bkvuXSmy7GCw9sqw0mgsEhy9o3Q8BQymIYNCrk1hhXTfNDl3JxkQ3xFtaXNLMDi3NZagfvuvqlzq89yUcS0B1ieXNks8X3hFGQ1OTqv+gKsoKEoArML/s1S1dz4ay4QaoPbWcmzIhMn0xQfg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EzxKUBZ2TQqv+Yd+fV9W86kfXPDuBfmA2yYUEZ1cqjQ=; b=Po0yU4j3AFfDbMDPHTS+nbo8KnVKVl3Lcdbahn6/Sf9JXK4OKAgfdfA2HoqQJ8D4/FY8qJsWLvliJEbYTbhdTE8t9k2CUIoIRth+wYQj216Kubkhc+31kcH4wblLz6oQR3CQkwYq35QiEv4U2a0whnbOC/gGfkEuhQPkwBFnz+c= Received: from MWHPR11MB1647.namprd11.prod.outlook.com (2603:10b6:301:d::12) by CO1PR11MB5028.namprd11.prod.outlook.com (2603:10b6:303:9a::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3742.6; Wed, 13 Jan 2021 06:58:23 +0000 Received: from MWHPR11MB1647.namprd11.prod.outlook.com ([fe80::c861:b9c1:b082:7c77]) by MWHPR11MB1647.namprd11.prod.outlook.com ([fe80::c861:b9c1:b082:7c77%8]) with mapi id 15.20.3742.012; Wed, 13 Jan 2021 06:58:23 +0000 From: "Gao, Zhichao" To: "gechao@greatwall.com.cn" , "devel@edk2.groups.io" CC: "Ni, Ray" Subject: Re: [PATCH] MdeModulePkg/TerminalDxe: Fix terminal fifo buffer overflow with UINT8 type Thread-Topic: [PATCH] MdeModulePkg/TerminalDxe: Fix terminal fifo buffer overflow with UINT8 type Thread-Index: AQHW2EvgOH/7VNoi90SwlK9R+BhPoKolOGDQ Date: Wed, 13 Jan 2021 06:58:22 +0000 Message-ID: References: <5d397bc53140165ed278ea5bf020b0c69acd18eb.1608632264.git.gechao@greatwall.com.cn> In-Reply-To: <5d397bc53140165ed278ea5bf020b0c69acd18eb.1608632264.git.gechao@greatwall.com.cn> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.5.1.3 authentication-results: greatwall.com.cn; dkim=none (message not signed) header.d=none;greatwall.com.cn; dmarc=none action=none header.from=intel.com; x-originating-ip: [192.198.147.213] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 982135e4-d374-4975-a57c-08d8b7909e36 x-ms-traffictypediagnostic: CO1PR11MB5028: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8273; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: I1PTZIWwMkRR1blmPoAtYF9i5FuGphn4fMjmNV02v/O6Dq1NwaJehEruo+rAGEeyy4BG1zDV8SGUQntfZnxH24xJaUKgdvq9qwVWm3Rx4HBNSCqJJGaNrGeFBdkigRmsq2ZU26PeezYzvPUfL4VqbIzM0Xkk7nYF30maI+pfPcRm0A6v9+ecUlVxkz3UPlGCzbm9AGrn7K89tX8fEhSE5zra9ayqBZ2Caz2J69wjzVdWF8r+A44XZvogaf3lZL4xFDdOemuYxLGWluBNKD3N504Ivfku5UQktN2bz/uZz8M0EeRiVqncusB8WhGKJHsCTb/qlyTU0gQFYBGyst0BAczJRCAZDzrw0fgXvwqp/zmAcFvqocnp22IZXzm+SeekjtiRsqgN8U00NqhXglGD7A== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MWHPR11MB1647.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(366004)(39860400002)(346002)(376002)(136003)(76116006)(64756008)(66476007)(66446008)(53546011)(66556008)(52536014)(71200400001)(316002)(2906002)(33656002)(5660300002)(6506007)(7696005)(26005)(478600001)(110136005)(9686003)(186003)(8676002)(66946007)(83380400001)(55016002)(8936002)(4326008)(107886003)(86362001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: =?us-ascii?Q?V6eLIAMOcFCTJnoC77dpA4nB4xO7Wu441CVZmuNTv9izWWeZ9wkM/p+D+tjt?= =?us-ascii?Q?GRH/puOpwvYyNoNQqgaFfpXySdB9NEqVHsG2lo+Nq1Kz8TBms8mkUTn+rJQ+?= =?us-ascii?Q?D2747hrvV9mI2WLGZrdpAq05bCtqxCFyKb1HVB5YjmdI6mq5q5wAV9eMZKoh?= =?us-ascii?Q?cHq0wMaxrk2PvF3hrDcxui1eE1riztTXxU1vC5eEOTUDtOWsUP5TfLk1eNK8?= =?us-ascii?Q?TO3oxbOcPv4A3zqWowVQ31QvGFBlYv3YSzQZEk2iL4WqzRlde1sLzMW2vdKV?= =?us-ascii?Q?iCSnzhnMzHkf1sFaiFQRiwF3E3SN3yVk5EsKad7yzt9vE4Pk7rFzmsOZ0PIS?= =?us-ascii?Q?9QPEigUIKsUGc3rJgnIhGe2z70FUwEDLvVfHkLg+60KNoHDdhOC4DZc9PY9U?= =?us-ascii?Q?GRhajIrVs+rosugGoZGyWU7KoeI9gcliEYe1dA/rsDM7HiufHFQ/LNNPKW4W?= =?us-ascii?Q?7ngXkiitVrLTuUM1g9p0pegxelX7nv4sPTvGkJiSNnsBGrF+wx/o49bMEGjr?= =?us-ascii?Q?S6NhDwiKyZze5ltnMvoBOJZWOgX/gUTfErrbp/4sQXTGM9Px292S9a309hsB?= =?us-ascii?Q?DrELGYY+xxwDgWOZXm/2buIAhrp/hrgv8/Zm+l4ihgcyuX7eNITtYe9Z9/hX?= =?us-ascii?Q?2iSbZfk22BH6B5gv5j2UwhSkN3hL896TmPtAfHSnmbMe0FoptFv86yIE0c88?= =?us-ascii?Q?lKyFhHNwo6XoZGI+INDYKSrmb4gUzQjSXo+Ir4/KtuLhmIRAfy/nsn3EMVPD?= =?us-ascii?Q?kRGY0ddM6Ky/6ZAStfij1sXklunN0Z+mvJWPGj5jvASbkc/S+rsPpfqeYRGN?= =?us-ascii?Q?zfxcUX80/tFHdPZEmLA8flvL2/9SFXVi1PqEl1X+daiJqmV38xPmfdud2e2x?= =?us-ascii?Q?TXrZypVfFNRnwbr69A7onpf/9+PO0/KaxL0J53eO6a/BTtinHVsKJmlO+7Zn?= =?us-ascii?Q?2UIEjqo785SLsKfJHHO9vqZ2y4rpIzMigfw96BRuRPQ=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MWHPR11MB1647.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 982135e4-d374-4975-a57c-08d8b7909e36 X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jan 2021 06:58:22.9430 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 4UCkloNUbj9vc3souK+yoz2U5Y5NQDl0ihxKRcvTulujYd6ygHSh+nVwV2cJoAJnBMOIGv8jiQyyLb0Jbk1KuQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR11MB5028 Return-Path: zhichao.gao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi, Sorry, I don't understand the patch. UINT8 type would have the value limita= tion. But why does it affect the buffer size? Did you observed the overflow with the original value? If yes, can you shar= e the example? Thanks, Zhichao > -----Original Message----- > From: gechao@greatwall.com.cn > Sent: Tuesday, December 22, 2020 6:19 PM > To: devel@edk2.groups.io; Gao, Zhichao > Cc: Ni, Ray ; gechao > Subject: [PATCH] MdeModulePkg/TerminalDxe: Fix terminal fifo buffer > overflow with UINT8 type >=20 > From: gechao >=20 > The maximum fifo buffer length is RAW_FIFO_MAX_NUMBER + 1 =3D 257, but > the maximum value of terminal fifo buffer index is sizeof(UINT8) - 1 =3D = 255 with > UINT8 type, so check if fifo buffer is empty or full with below expressio= n, ((Tail > + 1) % (RAW_FIFO_MAX_NUMBER + 1)) =3D=3D Head, (Tail + 1) might be > sizeof(UINT8) + 1 =3D 256, for UINT8 type, it does not make any sense. >=20 > Signed-off-by: gechao > --- > MdeModulePkg/Universal/Console/TerminalDxe/Terminal.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) >=20 > diff --git a/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.h > b/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.h > index 378ace13ce..360e58e847 100644 > --- a/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.h > +++ b/MdeModulePkg/Universal/Console/TerminalDxe/Terminal.h > @@ -37,7 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > #include -#define RAW_FIFO_MAX_NUMBER > 256+#define RAW_FIFO_MAX_NUMBER 255 #define FIFO_MAX_NUMBER > 128 typedef struct {-- > 2.25.1