[edk2-devel] [PATCH V2] UefiCpuPkg/MpInitLib: MicrocodeDetect: Ensure checked range is valid
Ni, Ray
ray.ni at intel.com
Wed Jun 26 01:57:30 UTC 2019
> > @@ -170,6 +170,7 @@ MicrocodeDetect (
> > /// Check overflow and whether TotalSize is aligned with 4 bytes.
> > ///
> > if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd ||
> > + ((UINTN)MicrocodeEntryPoint + TotalSize) < (UINTN)
> > + CpuMpData->MicrocodePatchAddress ||
How about below check?
First comparison hits when the sum of MicrocodeEntryPoint and TotalSize overflows.
Second comparison hits when the sum crosses the boundary of the whole microcode buffer boundary
If (((UINTN) MicrocodeEntryPoint > MAX_UINTN - TotalSize) || ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd)
> > (TotalSize & 0x3) != 0
> > ) {
> > MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN)
> > MicrocodeEntryPoint) + SIZE_1KB);
> > --
> > 2.21.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#42852): https://edk2.groups.io/g/devel/message/42852
Mute This Topic: https://groups.io/mt/32204622/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list