Subject: Re: [edk2-platforms][PATCH 1/1] Platform/RPi: Prevent buffer over-read when the command line is empty
To: Leif Lindholm
Cc: devel@edk2.groups.io, ard.biesheuvel@linaro.org, philmd@redhat.com
From: "Pete Batard"
Date: Thu, 7 Nov 2019 17:35:27 +0000

On 2019.11.07 17:27, Leif Lindholm wrote:
> On Thu, Nov 07, 2019 at 05:05:20PM +0000, Pete Batard wrote:
>> Hi Leif,
>>
>> On 2019.11.07 16:21, Leif Lindholm wrote:
>>> Patch looks good, but the term "command line" is a bit confusing.
>>>
>>> I assume we're talking about whatever way parameters are passed from
>>> pre-edk2 firmware to edk2, right?
>>
>> Yes. This is basically what the Raspberry Pi VideoCore bootcode digests and
>> passes as boot arguments to the ARM boot loader (i.e. our TF-A + EFI
>> firmware executable). It contains options that the user may have set in
>> their 'config.txt' as well as other data.
>
> Sure.
>
>>> Is there a more precise term for this?
>>
>> Would "boot arguments" or "external boot arguments" work for you? Or if you
>> prefer "(external) boot parameters" should be applicable too.
>
> Either would be fine - I was just hoping there might be a recognized
> standard name for them :)

Well, as far as I know, the recognized standard name is "commandline" as
per
https://www.raspberrypi.org/documentation/configuration/config-txt/boot.md

For instance there exists an option called disable_commandline_tags
which pertains to what we are talking about.

> So, I could update the subject line to
>   Platform/RPi: Prevent external boot arguments over-read
> in order to keep it short, and change "command line" in the commit
> message body to "external boot arguments" - does that work for you?

If you can do that, that's great. Thanks!

/Pete

>
> Regards,
>
> Leif
>
>> Regards,
>>
>> /Pete
>>
>>>
>>> /
>>>     Leif
>>>
>>> On Mon, Nov 04, 2019 at 04:06:17PM +0000, Pete Batard wrote:
>>>> From: Andrei Warkentin >>>> >>>> It is possible for the command line to be empty >>>> (Cmd->TagHead.TagValueSize = 0), in which case the code should not >>>> attempt to read the value at CommandLine[-1]. >>>> >>>> Signed-off-by: Pete Batard >>>> --- >>>> Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c | 3 ++- >>>> 1 file changed, 2 insertions(+), 1 deletion(-) >>>> >>>> diff --git a/Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c b/Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c >>>> index 5a9d4c3f1787..9b4aa068857c 100644 >>>> --- a/Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c >>>> +++ b/Platform/RaspberryPi/Drivers/RpiFirmwareDxe/RpiFirmwareDxe.c >>>> @@ -927,7 +927,8 @@ RpiFirmwareGetCommmandLine ( >>>> CopyMem (CommandLine, Cmd->CommandLine, Cmd->TagHead.TagValueSize); >>>> - if (CommandLine[Cmd->TagHead.TagValueSize - 1] != '\0') { >>>> + if (Cmd->TagHead.TagValueSize == 0 || >>>> + CommandLine[Cmd->TagHead.TagValueSize - 1] != '\0') { >>>> // >>>> // Add a NUL terminator if required. >>>> // >>>> -- >>>> 2.21.0.windows.1 >>>> >>
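Review bot: The added `Cmd->TagHead.TagValueSize == 0 ||` test in the `if` stops the read at CommandLine[-1], but the branch it now enters for an empty value is the one that, per its comment, adds a NUL terminator, and the visible lines show no check of TagValueSize against the size of the destination buffer before the CopyMem or before that terminator write. If the bound is not already enforced earlier in RpiFirmwareGetCommmandLine, add it there, requiring the buffer to hold TagValueSize plus one byte whenever the terminator is appended. Two smaller points: the commit carries "From: Andrei Warkentin" but only Pete Batard's Signed-off-by, and the function name in the hunk header is spelled with three m's (Commmand).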