From: "Laszlo Ersek" <lersek@redhat.com>
To: devel@edk2.groups.io, chip.programmer@att.net
Cc: Abdul Lateef Attar <AbdulLateef.Attar@amd.com>,
G Edhaya Chandran <Edhaya.Chandran@arm.com>
Subject: Re: [edk2-devel] edk2-test: bug in DevicePathFromTextBBTestCoverage.c
Date: Sun, 25 Feb 2024 16:01:54 +0100 [thread overview]
Message-ID: <b2b3e041-c7b8-70d3-ac16-b56875d8f91a@redhat.com> (raw)
In-Reply-To: <73061DCB4B4D46209875F9B9B0F87C84@DESKTOPQUG2G9K>
Hello Charles,
On 2/24/24 17:01, Charles Hyde wrote:
> There is a bug in the following source file:
>
> uefi-sct\
> SctPkg\
> TestCase\
> UEFI\
> EFI\
> Protocol\
> DevicePathFromText\
> BlackBoxTest\
> DevicePathFromTextBBTestCoverage.c
>
>
> Lines 1737, 1738, 1742, and 1743 reference DNS without any cast
> override, which causes the pointer reference logic to be wrong,
> leading the functions SctStrToIPv4Addr and SctStrToIPv6Addr to cause
> memory corruption. The DNS reference needs to have (UINT8 *) cast
> override, like is done in DevicePathToTextBBTestMain.c.
You are correct, as far as I can tell.
This is a regression from:
commit 847e0363e846296881c238dc43766fd40f6c2aec
Author: Abdul Lateef Attar <abdattar@>
Date: Thu Jun 9 16:24:02 2022 +0530
SctPkg: Fix the UefiSct -Wincompatible-pointer-types warnings
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2126
Fixes the incompatible pointer types warning for UefiSct package.
Cc: G Edhaya Chandran <Edhaya.Chandran@...>
Cc: Barton Gao <gaojie@...>
Cc: Carolyn Gjertsen <Carolyn.Gjertsen@...>
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Cc: Eric Jin <eric.jin@...>
Cc: Arvin Chen <arvinx.chen@...>
Cc: Supreeth Venkatesh <Supreeth.Venkatesh@...>
Signed-off-by: Abdul Lateef Attar <abdattar@...>
500 files changed, 5537 insertions(+), 1162 deletions(-)
Unfortunately, the change for "DevicePathFromTextBBTestCoverage.c" in
this -- *way* oversized -- patch was incorrect:
> @@ -1734,13 +1734,13 @@ CreateDNSDeviceNode (
> }
>
> if (DNS->IsIPv6 == 0) {
> - SctStrToIPv4Addr (&IpStr1, (UINT8 *)DNS + sizeof (DNS_DEVICE_PATH));
> - SctStrToIPv4Addr (&IpStr2, (UINT8 *)DNS + sizeof (DNS_DEVICE_PATH) + sizeof(EFI_IP_ADDRESS));
> + SctStrToIPv4Addr (&IpStr1, (EFI_IPv4_ADDRESS *)(DNS + sizeof (DNS_DEVICE_PATH)));
> + SctStrToIPv4Addr (&IpStr2, (EFI_IPv4_ADDRESS *)(DNS + sizeof (DNS_DEVICE_PATH) + sizeof(EFI_IP_ADDRESS)));
> }
>
> if (DNS->IsIPv6 == 1) {
> - SctStrToIPv6Addr (&IpStr1, (UINT8 *)DNS + sizeof (DNS_DEVICE_PATH));
> - SctStrToIPv6Addr (&IpStr2, (UINT8 *)DNS + sizeof (DNS_DEVICE_PATH) + sizeof(EFI_IP_ADDRESS));
> + SctStrToIPv6Addr (&IpStr1, (EFI_IPv6_ADDRESS *)(DNS + sizeof (DNS_DEVICE_PATH)));
> + SctStrToIPv6Addr (&IpStr2, (EFI_IPv6_ADDRESS *)(DNS + sizeof (DNS_DEVICE_PATH) + sizeof(EFI_IP_ADDRESS)));
> }
>
> return (EFI_DEVICE_PATH_PROTOCOL *) DNS;
The original (UINT8*) cast was correct for determining the "IPv4Addr"
and "IPv6Addr" argument *values* for SctStrToIPv4Addr() and
SctStrToIPv6Addr(), respectively; the problem was with the argument
*types*. The patch added the necessary outer cast, but incorrectly
removed the still needed inner cast.
... The original code was in poor style to begin with. The following
should work, without any casts at all:
SctStrToIPv4Addr (&IpStr1, &DNS->DnsServerIp[0].v4);
SctStrToIPv4Addr (&IpStr2, &DNS->DnsServerIp[1].v4);
SctStrToIPv6Addr (&IpStr1, &DNS->DnsServerIp[0].v6);
SctStrToIPv6Addr (&IpStr2, &DNS->DnsServerIp[1].v6);
That's because DNS is of type pointer-to-DNS_DEVICE_PATH, and
DNS_DEVICE_PATH is defined as follows, in
"MdePkg/Include/Protocol/DevicePath.h":
> #pragma pack(1)
> ...
> typedef struct {
> EFI_DEVICE_PATH_PROTOCOL Header;
> ///
> /// Indicates the DNS server address is IPv4 or IPv6 address.
> ///
> UINT8 IsIPv6;
> ///
> /// Instance of the DNS server address.
> ///
> EFI_IP_ADDRESS DnsServerIp[];
> } DNS_DEVICE_PATH;
> ...
> #pragma pack()
and "EFI_IP_ADDRESS" is defined in "MdePkg/Include/Uefi/UefiBaseType.h"
as follows:
> typedef union {
> UINT32 Addr[4];
> EFI_IPv4_ADDRESS v4;
> EFI_IPv6_ADDRESS v6;
> } EFI_IP_ADDRESS;
The "DnsServerIp" flexible array member should simply be put to use.
AbduL, can you please post a fix?
Thanks
Laszlo
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#115930): https://edk2.groups.io/g/devel/message/115930
Mute This Topic: https://groups.io/mt/104548292/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
prev parent reply other threads:[~2024-02-25 15:02 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <73061DCB4B4D46209875F9B9B0F87C84.ref@DESKTOPQUG2G9K>
2024-02-24 16:01 ` [edk2-devel] edk2-test: bug in DevicePathFromTextBBTestCoverage.c Charles Hyde
2024-02-25 15:01 ` Laszlo Ersek [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b2b3e041-c7b8-70d3-ac16-b56875d8f91a@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox