To: Paulo Alcantara, Ruiyu Ni
Cc: edk2-devel@lists.01.org, Eric Dong, hao.a.wu@intel.com, Jordan Justen, Andrew Fish, Liming Gao, Michael D Kinney, Star Zeng
From: Laszlo Ersek
Date: Fri, 8 Sep 2017 15:25:56 +0200
Subject: Re: [PATCH v6 0/6] read-only UDF file system support
List-Id: EDK II Development

Ray,

On 09/08/17 14:41, Paulo Alcantara wrote:
> v6:
> - Fixed a bug in UdfRead() that'd potentially break in ARM or IA32
>   by allowing caller to read more than 4GiB of data
>   (i.e. BufferSize pointer is dereferenced as an UINT64 * and it's
>   followed by 4 bytes that are nonzero).
>
> Repo: https://github.com/pcacjr/edk2.git
> Branch: udf-fs-v6

The v5-v6 diff is as follows:

> diff --git a/MdeModulePkg/Universal/Disk/UdfDxe/File.c b/MdeModulePkg/Universal/Disk/UdfDxe/File.c > index 2dbcff0be4a3..8b9339567f8e 100644 > --- a/MdeModulePkg/Universal/Disk/UdfDxe/File.c > +++ b/MdeModulePkg/Universal/Disk/UdfDxe/File.c > @@ -325,8 +325,9 @@ UdfRead ( > UDF_FILE_IDENTIFIER_DESCRIPTOR *NewFileIdentifierDesc; > VOID *NewFileEntryData; > CHAR16 FileName[UDF_FILENAME_LENGTH] = { 0 }; > UINT64 FileSize; > + UINT64 BufferSizeUint64; > > OldTpl = gBS->RaiseTPL (TPL_CALLBACK); > > if (This == NULL || BufferSize == NULL || (*BufferSize != 0 &&
> @@ -363,18 +364,22 @@ UdfRead ( > Status = EFI_SUCCESS; > goto Done; > } > > + BufferSizeUint64 = *BufferSize; > + > Status = ReadFileData ( > BlockIo, > DiskIo, > Volume, > Parent, > PrivFileData->FileSize, > &PrivFileData->FilePosition, > Buffer, > - (UINT64 *)(UINTN)BufferSize > + &BufferSizeUint64 > ); > + ASSERT (BufferSizeUint64 <= MAX_UINTN); > + *BufferSize = (UINTN)BufferSizeUint64; > } else if (IS_FID_DIRECTORY_FILE (Parent->FileIdentifierDesc)) { > if (ReadDirInfo->FidOffset == 0 && PrivFileData->FilePosition > 0) { > Status = EFI_DEVICE_ERROR; > *BufferSize = 0;

It looks OK to me, and it builds fine for IA32, X64, ARM and AARCH64:

  Build/ArmVirtQemu-AARCH64/DEBUG_GCC5/AARCH64/UdfDxe.efi
  Build/ArmVirtQemu-ARM/DEBUG_GCC5/ARM/UdfDxe.efi
  Build/OvmfIa32/NOOPT_GCC48/IA32/UdfDxe.efi
  Build/OvmfX64/NOOPT_GCC48/X64/UdfDxe.efi

Green light from your side?

Paulo: you forgot to pick up Ray's R-b for patches #4 and #5, from his v5 response -- it was for the entire series. But, I'll apply that for you.

Thanks,
Laszlo
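
Review bot: in the second UdfRead() hunk, the narrowing write-back `*BufferSize = (UINTN)BufferSizeUint64;` is guarded only by `ASSERT (BufferSizeUint64 <= MAX_UINTN);`, and ASSERT() is compiled out when debug assertions are disabled, so on IA32 and ARM a value above MAX_UINTN would be truncated silently in such builds. If ReadFileData() can only ever leave the size at or below the value passed in (which originated from a UINTN), a one-line comment saying so above the ASSERT would document why the cast is safe; otherwise make it a runtime check that sets Status to an error instead of truncating. The write-back also happens before Status from ReadFileData() is examined in the visible lines, so it is worth confirming that updating *BufferSize on the failure path is intended.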