From: "Gao, Zhichao"
To: "devel@edk2.groups.io", "krzysztof.koch@arm.com"
CC: "Ni, Ray", "Matteo.Carlini@arm.com", "sami.mujawar@arm.com", "nd@arm.com"
Subject: Re: [edk2-devel] [PATCH v1 1/1] ShellPkg: acpiview: Validate ACPI table 'Length' field
Date: Tue, 11 Feb 2020 03:03:04 +0000
In-Reply-To: <20200130161958.40212-1-krzysztof.koch@arm.com>

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Krzysztof Koch
> Sent: Friday, January 31, 2020 12:20 AM
> To: devel@edk2.groups.io
> Cc: Ni, Ray; Gao, Zhichao; Matteo.Carlini@arm.com; sami.mujawar@arm.com; nd@arm.com
> Subject: [edk2-devel] [PATCH v1 1/1] ShellPkg: acpiview: Validate ACPI table 'Length' field
>
> Check if the ACPI table length, as reported in the ACPI table header, is big
> enough to fit at least the header itself.
>
> If not, report an error to the user and stop parsing the table in order to prevent
> buffer overruns.
>
> Signed-off-by: Krzysztof Koch
> ---
>
> Changes can be seen at:
> https://github.com/KrzysztofKoch1/edk2/pull/new/650_add_checks_process_acpi_table_v1
>
> Notes:
>   v1:
>   - Validate ACPI table length [Krzysztof]
>
> ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiTableParser.c | 22 > +++++++++++++++++++- > 1 file changed, 21 insertions(+), 1 deletion(-) >=20 > diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiTableParse= r.c > b/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiTableParser.c > index > d5500bcb2b4a55c7a69f45444aa49d36d2c1694f..0c93bca4fc0f7d2f105a765425 > 8e00f714fc1519 100644 > --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiTableParser.c > +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiTableParser.c > @@ -1,7 +1,7 @@ > /** @file > ACPI table parser >=20 > - Copyright (c) 2016 - 2019, ARM Limited. All rights reserved. > + Copyright (c) 2016 - 2020, ARM Limited. All rights reserved. > SPDX-License-Identifier: BSD-2-Clause-Patent **/ >=20 > @@ -176,6 +176,7 @@ ProcessAcpiTable ( > CONST UINT32* AcpiTableSignature; > CONST UINT32* AcpiTableLength; > CONST UINT8* AcpiTableRevision; > + CONST UINT8* SignaturePtr; > PARSE_ACPI_TABLE_PROC ParserProc; >=20 > ParseAcpiHeader (
> @@ -193,6 +194,25 @@ ProcessAcpiTable ( >=20 > if (Trace) { > DumpRaw (Ptr, *AcpiTableLength); > + > + /* > + Do not process the ACPI table any further if the table length rea= d > + is invalid. The ACPI table should at least contain the table head= er. > + */

The internal comment is suggested to use C++ style, refer to CSS 2.1 section 6.5.2.1:
For internal code comments, use C++ style (//) comment lines.

Thanks,
Zhichao

> + if (*AcpiTableLength < sizeof (EFI_ACPI_DESCRIPTION_HEADER)) { > + SignaturePtr =3D (CONST UINT8*)AcpiTableSignature; > + IncrementErrorCount (); > + Print ( > + L"ERROR: Invalid %c%c%c%c table length. Length =3D %d\n", > + SignaturePtr[0], > + SignaturePtr[1], > + SignaturePtr[2], > + SignaturePtr[3], > + *AcpiTableLength > + ); > + return; > + } > + > if (GetConsistencyChecking ()) { > VerifyChecksum (TRUE, Ptr, *AcpiTableLength); > } > -- > 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
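
Review bot: In the @@ -193,6 +194,25 @@ hunk the new length check sits inside the "if (Trace) {" block and after "DumpRaw (Ptr, *AcpiTableLength);", so it is skipped whenever Trace is FALSE and the raw dump has already consumed the unvalidated length by the time it runs. Consider moving the check to directly after the ParseAcpiHeader call and before "if (Trace)", so that any later use of *AcpiTableLength in ProcessAcpiTable sees a validated value on every path. The check is also only a lower bound: DumpRaw and VerifyChecksum are still passed *AcpiTableLength as read from the header, and nothing in this hunk limits it from above, so the commit message's "prevent buffer overruns" covers only the shorter-than-header case. If the caller knows how much memory backs Ptr, an upper-bound comparison belongs next to this one; if it does not, a sentence in the comment saying so would help.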