[edk2-devel] 回复: [PATCH EDK2 v1 1/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow
gaoliming
gaoliming at byosoft.com.cn
Fri Nov 20 06:05:54 UTC 2020
Wenyi:
HstiSize is the size of Hsti. Hsti points to the structure
ADAPTER_INFO_PLATFORM_SECURITY.
So, HstiSize should be larger than sizeof
(ADAPTER_INFO_PLATFORM_SECURITY).
If this checker is required, it needs to be added into
InternalHstiFindAip() after Hsti is got from GetInformation().
Thanks
Liming
> -----邮件原件-----
> 发件人: Wenyi Xie <xiewenyi2 at huawei.com>
> 发送时间: 2020年11月19日 17:27
> 收件人: devel at edk2.groups.io; michael.d.kinney at intel.com;
> gaoliming at byosoft.com.cn; zhiguang.liu at intel.com
> 抄送: songdongkuang at huawei.com; xiewenyi2 at huawei.com
> 主题: [PATCH EDK2 v1 1/1] MdePkg/DxeHstiLib: avoid Hsti offset overflow
>
> add conditional operator to check whether the HstiSize is larger than
> sizeof(CHAR16). If not, setting offset to 0 to avoid overflow.
>
> Cc: Michael D Kinney <michael.d.kinney at intel.com>
> Cc: Liming Gao <gaoliming at byosoft.com.cn>
> Cc: Zhiguang Liu <zhiguang.liu at intel.com>
> Signed-off-by: Wenyi Xie <xiewenyi2 at huawei.com>
> ---
> MdePkg/Library/DxeHstiLib/HstiDxe.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/MdePkg/Library/DxeHstiLib/HstiDxe.c
> b/MdePkg/Library/DxeHstiLib/HstiDxe.c
> index 4e1c67616b01..f04e6f13b7e5 100644
> --- a/MdePkg/Library/DxeHstiLib/HstiDxe.c
> +++ b/MdePkg/Library/DxeHstiLib/HstiDxe.c
> @@ -519,7 +519,7 @@ InternalHstiRecordErrorString (
> }
>
> if (Append) {
> - Offset = HstiSize - sizeof(CHAR16);
> + Offset = (HstiSize >= sizeof(CHAR16)) ? (HstiSize - sizeof(CHAR16)) :
0;
> } else {
> Offset = sizeof(ADAPTER_INFO_PLATFORM_SECURITY) +
> Hsti->SecurityFeaturesSize * 3;
> }
> --
> 2.20.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#67745): https://edk2.groups.io/g/devel/message/67745
Mute This Topic: https://groups.io/mt/78383808/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list