From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:400e:c00::244; helo=mail-pf0-x244.google.com; envelope-from=heyi.guo@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-pf0-x244.google.com (mail-pf0-x244.google.com [IPv6:2607:f8b0:400e:c00::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 48BE92035520B for ; Tue, 7 Nov 2017 20:58:57 -0800 (PST) Received: by mail-pf0-x244.google.com with SMTP id n14so1025137pfh.8 for ; Tue, 07 Nov 2017 21:02:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=kNrlbqjHsJ/WKQj2fFJZnDaBYSX0rxkCRC2Kc7Mi9sI=; b=G3REtJpOxCPHtO/XO/VUpDP4slYiU7hYit8rp5SG9uxsHKN0m3SOYszk8ClPXv/a48 A0rX6ZkssQ9QQ0L6lU0i16vuIlks6M/jZpjuJ1RwPDhJ5dVPoBXmPnm4bF1XqpBTgrZq xOgEp/jP4Happnegth9ezAZcZET04S4ikBV6A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=kNrlbqjHsJ/WKQj2fFJZnDaBYSX0rxkCRC2Kc7Mi9sI=; b=HPDrdn+mCIUZOHWqeaKpduHSVPAejUkC1vKJ3PZMRaVPAjffduSIrhJ+ZjxNdOMn8D /A6PznueuPknNx1DbNe4YT7GjUxE/Cd0YgRLgpXbaqKYh0unAc5zZf59HeeDVEBaj3Wa RpeiXuINZUn2DJsGaAJLrbtfKuWPgiSBtqYy9dEEMGAxP+SKiDa8tOtDuhSMUgxwKYbs tTrN8HSrlxMTriANYLZpFcH0wv7Izd976Huv3n1S7NnjG+J1GStlc09Te0+/8H2ff2Bz WU80i1KOcG2W4FKH1lFbicWwxWyNw6tK7wtP1rAeQ6b07VZLl4OgtqxEon7aCgE0SvHJ IcaQ== X-Gm-Message-State: AJaThX6SagmMGRZvw+uiVRCCgtZr4QsGA7RBKMJWYrlPkCeMfr+cZEUf rDcBxvxLlTSVJcR09ehwXkVMeQ== X-Google-Smtp-Source: ABhQp+Qg6mtSZ13e8ou6/aiIdKm6mV0RTiv/1orWQ8UV/EQcQIPXpfTmhp30TuiC9Kw0aE36UJyMeg== X-Received: by 10.99.51.193 with SMTP id z184mr1048466pgz.285.1510117377951; Tue, 07 Nov 2017 21:02:57 -0800 (PST) Received: from [10.189.19.158] ([45.56.152.90]) by smtp.gmail.com with ESMTPSA id f12sm4947559pga.7.2017.11.07.21.02.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 07 Nov 2017 21:02:57 -0800 (PST) To: "Zeng, Star" , Ard Biesheuvel Cc: "Ni, Ruiyu" , "edk2-devel@lists.01.org" , "Dong, Eric" , linaro-uefi References: <1509342472-1688-1-git-send-email-heyi.guo@linaro.org> <0C09AFA07DD0434D9E2A0C6AEB0483103B9B2EC3@shsmsx102.ccr.corp.intel.com> From: Heyi Guo Message-ID: Date: Wed, 8 Nov 2017 13:02:59 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <0C09AFA07DD0434D9E2A0C6AEB0483103B9B2EC3@shsmsx102.ccr.corp.intel.com> Subject: Re: [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Nov 2017 04:58:58 -0000 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Thanks, Heyi 在 11/8/2017 12:53 PM, Zeng, Star 写道: > Just pushed at 710d9e69fae6753a1a826aa18dd37bcadd3e0c3e. > > Thanks, > Star > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Heyi Guo > Sent: Tuesday, November 7, 2017 5:33 PM > To: Ard Biesheuvel > Cc: Ni, Ruiyu ; edk2-devel@lists.01.org; Dong, Eric ; Zeng, Star ; linaro-uefi > Subject: Re: [edk2] [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug > > Hi Ray, > > We had Ard's R-B already; could you help to commit it? > > Thanks and regards, > > Heyi > > > 在 10/30/2017 4:14 PM, Ard Biesheuvel 写道: >> On 30 October 2017 at 05:47, Heyi Guo wrote: >>> For PciIoPciRead interface, memory prior to Buffer would be written >>> with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which >>> would cause serious system exception. >>> >>> So we add a pre-check branch to avoid memory override. >>> >>> Cc: Star Zeng >>> Cc: Eric Dong >>> Cc: Ard Biesheuvel >>> Cc: Ruiyu Ni >>> Contributed-under: TianoCore Contribution Agreement 1.1 >>> Signed-off-by: Heyi Guo >> Reviewed-by: Ard Biesheuvel >> >>> --- >>> .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 +++++ >>> 1 file changed, 5 insertions(+) >>> >>> diff --git >>> a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci >>> DeviceIo.c >>> b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci >>> DeviceIo.c >>> index c836ad6..0e42ae4 100644 >>> --- >>> a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePci >>> DeviceIo.c >>> +++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverabl >>> +++ ePciDeviceIo.c >>> @@ -465,6 +465,11 @@ PciIoPciRead ( >>> Address = (UINT8 *)&Dev->ConfigSpace + Offset; >>> Length = Count << ((UINTN)Width & 0x3); >>> >>> + if (Offset >= sizeof (Dev->ConfigSpace)) { >>> + ZeroMem (Buffer, Length); >>> + return EFI_SUCCESS; >>> + } >>> + >>> if (Offset + Length > sizeof (Dev->ConfigSpace)) { >>> // >>> // Read all zeroes for config space accesses beyond the first >>> -- >>> 1.9.1 >>> > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel