From: VincentX Ke <vincentx.ke@intel.com>
Bugzilla: 3262 (https://bugzilla.tianocore.org/show_bug.cgi?id=3262)
No need to print PCIe details while CapabilityId is 0xFFFF.
Limit the NextCapabilityOffset value to AllocatePool() memory.
Signed-off-by: VincentX Ke <vincentx.ke@intel.com>
---
ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
index a2f04d8db5..9ebf1c26ef 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
@@ -2038,12 +2038,14 @@ LocatePciCapability (
@param[in] PciExpressCap PCI Express capability buffer.
@param[in] ExtendedConfigSpace PCI Express extended configuration space.
+ @param[in] ExtendedConfigSize PCI Express extended configuration size.
@param[in] ExtendedCapability PCI Express extended capability ID to explain.
**/
VOID
PciExplainPciExpress (
IN PCI_CAPABILITY_PCIEXP *PciExpressCap,
IN UINT8 *ExtendedConfigSpace,
+ IN UINTN ExtendedConfigSize,
IN CONST UINT16 ExtendedCapability
);
@@ -2921,6 +2923,7 @@ ShellCommandRunPci (
PciExplainPciExpress (
(PCI_CAPABILITY_PCIEXP *) ((UINT8 *) &ConfigSpace + PcieCapabilityPtr),
ExtendedConfigSpace,
+ ExtendedConfigSize,
ExtendedCapability
);
}
@@ -5698,12 +5701,14 @@ PrintPciExtendedCapabilityDetails(
@param[in] PciExpressCap PCI Express capability buffer.
@param[in] ExtendedConfigSpace PCI Express extended configuration space.
+ @param[in] ExtendedConfigSize PCI Express extended configuration size.
@param[in] ExtendedCapability PCI Express extended capability ID to explain.
**/
VOID
PciExplainPciExpress (
IN PCI_CAPABILITY_PCIEXP *PciExpressCap,
IN UINT8 *ExtendedConfigSpace,
+ IN UINTN ExtendedConfigSize,
IN CONST UINT16 ExtendedCapability
)
{
@@ -5786,7 +5791,7 @@ PciExplainPciExpress (
}
ExtHdr = (PCI_EXP_EXT_HDR*)ExtendedConfigSpace;
- while (ExtHdr->CapabilityId != 0 && ExtHdr->CapabilityVersion != 0) {
+ while (ExtHdr->CapabilityId != 0 && ExtHdr->CapabilityVersion != 0 && ExtHdr->CapabilityId != 0xFFFF) {
//
// Process this item
//
@@ -5800,7 +5805,7 @@ PciExplainPciExpress (
//
// Advance to the next item if it exists
//
- if (ExtHdr->NextCapabilityOffset != 0) {
+ if (ExtHdr->NextCapabilityOffset != 0 && (ExtHdr->NextCapabilityOffset <= (UINT32)(ExtendedConfigSize - sizeof (PCI_EXP_EXT_HDR)))) {
ExtHdr = (PCI_EXP_EXT_HDR*)(ExtendedConfigSpace + ExtHdr->NextCapabilityOffset - EFI_PCIE_CAPABILITY_BASE_OFFSET);
} else {
break;
--
2.18.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72862): https://edk2.groups.io/g/devel/message/72862
Mute This Topic: https://groups.io/mt/81372175/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Hi Ian/Vincent,
Sorry, I just notice the NextCapabilityOffset starts from base address of the PCI config space. So the comment I give in previous patch is incorrect.
And refer the PCIe spec, its valid value should be 0x100 to (0x1000 - sizeof (PCI_EXP_EXT_HDR)) or 0x0 (to terminate the list of capabilities).
The title of the patch is too common. The title should give a tiny description of the change.
Here is an example:
ShellPkg/Pci: Add valid check for PCI extended config space parser
If you have a better title, just update your own style.
Thanks,
Zhichao
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of IanX
> Kuo
> Sent: Saturday, April 10, 2021 1:35 AM
> To: devel@edk2.groups.io
> Cc: Ke, VincentX <vincentx.ke@intel.com>
> Subject: [edk2-devel] [PATCH] ShellPkg/Library: Fix bug in Pci.c
>
> From: VincentX Ke <vincentx.ke@intel.com>
>
> Bugzilla: 3262 (https://bugzilla.tianocore.org/show_bug.cgi?id=3262)
>
> No need to print PCIe details while CapabilityId is 0xFFFF.
> Limit the NextCapabilityOffset value to AllocatePool() memory.
>
> Signed-off-by: VincentX Ke <vincentx.ke@intel.com>
> ---
> ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 9 +++++++--
> 1 file changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> index a2f04d8db5..9ebf1c26ef 100644
> --- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> +++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> @@ -2038,12 +2038,14 @@ LocatePciCapability (
> @param[in] PciExpressCap PCI Express capability buffer. @param[in]
> ExtendedConfigSpace PCI Express extended configuration space.+
> @param[in] ExtendedConfigSize PCI Express extended configuration size.
> @param[in] ExtendedCapability PCI Express extended capability ID to
> explain. **/ VOID PciExplainPciExpress ( IN PCI_CAPABILITY_PCIEXP
> *PciExpressCap, IN UINT8 *ExtendedConfigSpace,+ IN
> UINTN ExtendedConfigSize, IN CONST UINT16
> ExtendedCapability ); @@ -2921,6 +2923,7 @@ ShellCommandRunPci (
> PciExplainPciExpress ( (PCI_CAPABILITY_PCIEXP *) ((UINT8 *)
> &ConfigSpace + PcieCapabilityPtr), ExtendedConfigSpace,+
> ExtendedConfigSize, ExtendedCapability ); }@@ -5698,12
> +5701,14 @@ PrintPciExtendedCapabilityDetails(
> @param[in] PciExpressCap PCI Express capability buffer. @param[in]
> ExtendedConfigSpace PCI Express extended configuration space.+
> @param[in] ExtendedConfigSize PCI Express extended configuration size.
> @param[in] ExtendedCapability PCI Express extended capability ID to
> explain. **/ VOID PciExplainPciExpress ( IN PCI_CAPABILITY_PCIEXP
> *PciExpressCap, IN UINT8 *ExtendedConfigSpace,+ IN
> UINTN ExtendedConfigSize, IN CONST UINT16
> ExtendedCapability ) {@@ -5786,7 +5791,7 @@ PciExplainPciExpress (
> } ExtHdr = (PCI_EXP_EXT_HDR*)ExtendedConfigSpace;- while (ExtHdr-
> >CapabilityId != 0 && ExtHdr->CapabilityVersion != 0) {+ while (ExtHdr-
> >CapabilityId != 0 && ExtHdr->CapabilityVersion != 0 && ExtHdr-
> >CapabilityId != 0xFFFF) { // // Process this item //@@ -5800,7 +5805,7
> @@ PciExplainPciExpress (
> // // Advance to the next item if it exists //- if (ExtHdr-
> >NextCapabilityOffset != 0) {+ if (ExtHdr->NextCapabilityOffset != 0 &&
> (ExtHdr->NextCapabilityOffset <= (UINT32)(ExtendedConfigSize - sizeof
> (PCI_EXP_EXT_HDR)))) { ExtHdr =
> (PCI_EXP_EXT_HDR*)(ExtendedConfigSpace + ExtHdr->NextCapabilityOffset
> - EFI_PCIE_CAPABILITY_BASE_OFFSET); } else { break;--
> 2.18.0.windows.1
>
>
>
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#72862): https://edk2.groups.io/g/devel/message/72862
> Mute This Topic: https://groups.io/mt/81372175/1768756
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub [zhichao.gao@intel.com]
> -=-=-=-=-=-=
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72944): https://edk2.groups.io/g/devel/message/72944
Mute This Topic: https://groups.io/mt/81372175/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2026 Red Hat, Inc.