From: VincentX Ke <vincentx.ke@intel.com>
Bugzilla: 3262 (https://bugzilla.tianocore.org/show_bug.cgi?id=3262)
No need to print PCIe details while CapabilityId is 0xFFFF.
Limit the NextCapabilityOffset value to AllocatePool() memory.
Signed-off-by: VincentX Ke <vincentx.ke@intel.com>
---
ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
index a2f04d8db5..9ebf1c26ef 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
@@ -2038,12 +2038,14 @@ LocatePciCapability (
@param[in] PciExpressCap PCI Express capability buffer.
@param[in] ExtendedConfigSpace PCI Express extended configuration space.
+ @param[in] ExtendedConfigSize PCI Express extended configuration size.
@param[in] ExtendedCapability PCI Express extended capability ID to explain.
**/
VOID
PciExplainPciExpress (
IN PCI_CAPABILITY_PCIEXP *PciExpressCap,
IN UINT8 *ExtendedConfigSpace,
+ IN UINTN ExtendedConfigSize,
IN CONST UINT16 ExtendedCapability
);
@@ -2921,6 +2923,7 @@ ShellCommandRunPci (
PciExplainPciExpress (
(PCI_CAPABILITY_PCIEXP *) ((UINT8 *) &ConfigSpace + PcieCapabilityPtr),
ExtendedConfigSpace,
+ ExtendedConfigSize,
ExtendedCapability
);
}
@@ -5698,12 +5701,14 @@ PrintPciExtendedCapabilityDetails(
@param[in] PciExpressCap PCI Express capability buffer.
@param[in] ExtendedConfigSpace PCI Express extended configuration space.
+ @param[in] ExtendedConfigSize PCI Express extended configuration size.
@param[in] ExtendedCapability PCI Express extended capability ID to explain.
**/
VOID
PciExplainPciExpress (
IN PCI_CAPABILITY_PCIEXP *PciExpressCap,
IN UINT8 *ExtendedConfigSpace,
+ IN UINTN ExtendedConfigSize,
IN CONST UINT16 ExtendedCapability
)
{
@@ -5786,7 +5791,7 @@ PciExplainPciExpress (
}
ExtHdr = (PCI_EXP_EXT_HDR*)ExtendedConfigSpace;
- while (ExtHdr->CapabilityId != 0 && ExtHdr->CapabilityVersion != 0) {
+ while (ExtHdr->CapabilityId != 0 && ExtHdr->CapabilityVersion != 0 && ExtHdr->CapabilityId != 0xFFFF) {
//
// Process this item
//
@@ -5800,7 +5805,7 @@ PciExplainPciExpress (
//
// Advance to the next item if it exists
//
- if (ExtHdr->NextCapabilityOffset != 0) {
+ if (ExtHdr->NextCapabilityOffset != 0 && (ExtHdr->NextCapabilityOffset <= (UINT32)(ExtendedConfigSize - sizeof (PCI_EXP_EXT_HDR)))) {
ExtHdr = (PCI_EXP_EXT_HDR*)(ExtendedConfigSpace + ExtHdr->NextCapabilityOffset - EFI_PCIE_CAPABILITY_BASE_OFFSET);
} else {
break;
--
2.18.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72862): https://edk2.groups.io/g/devel/message/72862
Mute This Topic: https://groups.io/mt/81372175/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Hi Ian/Vincent, Sorry, I just notice the NextCapabilityOffset starts from base address of the PCI config space. So the comment I give in previous patch is incorrect. And refer the PCIe spec, its valid value should be 0x100 to (0x1000 - sizeof (PCI_EXP_EXT_HDR)) or 0x0 (to terminate the list of capabilities). The title of the patch is too common. The title should give a tiny description of the change. Here is an example: ShellPkg/Pci: Add valid check for PCI extended config space parser If you have a better title, just update your own style. Thanks, Zhichao > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of IanX > Kuo > Sent: Saturday, April 10, 2021 1:35 AM > To: devel@edk2.groups.io > Cc: Ke, VincentX <vincentx.ke@intel.com> > Subject: [edk2-devel] [PATCH] ShellPkg/Library: Fix bug in Pci.c > > From: VincentX Ke <vincentx.ke@intel.com> > > Bugzilla: 3262 (https://bugzilla.tianocore.org/show_bug.cgi?id=3262) > > No need to print PCIe details while CapabilityId is 0xFFFF. > Limit the NextCapabilityOffset value to AllocatePool() memory. > > Signed-off-by: VincentX Ke <vincentx.ke@intel.com> > --- > ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) > > diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c > b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c > index a2f04d8db5..9ebf1c26ef 100644 > --- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c > +++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c > @@ -2038,12 +2038,14 @@ LocatePciCapability ( > @param[in] PciExpressCap PCI Express capability buffer. @param[in] > ExtendedConfigSpace PCI Express extended configuration space.+ > @param[in] ExtendedConfigSize PCI Express extended configuration size. > @param[in] ExtendedCapability PCI Express extended capability ID to > explain. **/ VOID PciExplainPciExpress ( IN PCI_CAPABILITY_PCIEXP > *PciExpressCap, IN UINT8 *ExtendedConfigSpace,+ IN > UINTN ExtendedConfigSize, IN CONST UINT16 > ExtendedCapability ); @@ -2921,6 +2923,7 @@ ShellCommandRunPci ( > PciExplainPciExpress ( (PCI_CAPABILITY_PCIEXP *) ((UINT8 *) > &ConfigSpace + PcieCapabilityPtr), ExtendedConfigSpace,+ > ExtendedConfigSize, ExtendedCapability ); }@@ -5698,12 > +5701,14 @@ PrintPciExtendedCapabilityDetails( > @param[in] PciExpressCap PCI Express capability buffer. @param[in] > ExtendedConfigSpace PCI Express extended configuration space.+ > @param[in] ExtendedConfigSize PCI Express extended configuration size. > @param[in] ExtendedCapability PCI Express extended capability ID to > explain. **/ VOID PciExplainPciExpress ( IN PCI_CAPABILITY_PCIEXP > *PciExpressCap, IN UINT8 *ExtendedConfigSpace,+ IN > UINTN ExtendedConfigSize, IN CONST UINT16 > ExtendedCapability ) {@@ -5786,7 +5791,7 @@ PciExplainPciExpress ( > } ExtHdr = (PCI_EXP_EXT_HDR*)ExtendedConfigSpace;- while (ExtHdr- > >CapabilityId != 0 && ExtHdr->CapabilityVersion != 0) {+ while (ExtHdr- > >CapabilityId != 0 && ExtHdr->CapabilityVersion != 0 && ExtHdr- > >CapabilityId != 0xFFFF) { // // Process this item //@@ -5800,7 +5805,7 > @@ PciExplainPciExpress ( > // // Advance to the next item if it exists //- if (ExtHdr- > >NextCapabilityOffset != 0) {+ if (ExtHdr->NextCapabilityOffset != 0 && > (ExtHdr->NextCapabilityOffset <= (UINT32)(ExtendedConfigSize - sizeof > (PCI_EXP_EXT_HDR)))) { ExtHdr = > (PCI_EXP_EXT_HDR*)(ExtendedConfigSpace + ExtHdr->NextCapabilityOffset > - EFI_PCIE_CAPABILITY_BASE_OFFSET); } else { break;-- > 2.18.0.windows.1 > > > > -=-=-=-=-=-= > Groups.io Links: You receive all messages sent to this group. > View/Reply Online (#72862): https://edk2.groups.io/g/devel/message/72862 > Mute This Topic: https://groups.io/mt/81372175/1768756 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub [zhichao.gao@intel.com] > -=-=-=-=-=-= > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#72944): https://edk2.groups.io/g/devel/message/72944 Mute This Topic: https://groups.io/mt/81372175/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.