From nobody Wed Feb 11 05:13:29 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53414+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1579518882393494.6805797024333;
 Mon, 20 Jan 2020 03:14:42 -0800 (PST)
Return-Path: <bounce+27952+53414+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id NmUmYY1788612xlAgHptLvrh;
 Mon, 20 Jan 2020 03:14:42 -0800
X-Received: from EUR04-HE1-obe.outbound.protection.outlook.com
 (EUR04-HE1-obe.outbound.protection.outlook.com [40.107.7.71])
 by mx.groups.io with SMTP id smtpd.web10.9240.1579518880700285004
 for <devel@edk2.groups.io>;
 Mon, 20 Jan 2020 03:14:41 -0800
X-Received: from VI1PR08CA0158.eurprd08.prod.outlook.com
 (2603:10a6:800:d1::12)
 by AM0PR08MB4612.eurprd08.prod.outlook.com (2603:10a6:208:105::25) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.24; Mon, 20 Jan
 2020 11:14:37 +0000
X-Received: from AM5EUR03FT029.eop-EUR03.prod.protection.outlook.com
 (2a01:111:f400:7e08::206) by VI1PR08CA0158.outlook.office365.com
 (2603:10a6:800:d1::12) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.18 via Frontend
 Transport; Mon, 20 Jan 2020 11:14:37 +0000
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53414+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates
 63.35.35.123 as permitted sender) receiver=protection.outlook.com;
 client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
X-Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123)
 by
 AM5EUR03FT029.mail.protection.outlook.com (10.152.16.150) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2644.23 via Frontend Transport; Mon, 20 Jan 2020 11:14:36 +0000
X-Received: ("Tessian outbound 1da651c29646:v40");
 Mon, 20 Jan 2020 11:14:36 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: 4467f73f2ee61145
X-CR-MTA-TID: 64aa7808
X-Received: from 465b9a6ec0a5.1
	by 64aa7808-outbound-1.mta.getcheckrecipient.com id
 AB21292A-D86A-4930-8CA7-41FCE617E43E.1;
	Mon, 20 Jan 2020 11:14:31 +0000
X-Received: from EUR05-AM6-obe.outbound.protection.outlook.com
    by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id
 465b9a6ec0a5.1
    (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384);
    Mon, 20 Jan 2020 11:14:31 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=JIc3JxDwqmF4zseRJVZuNZlnVYhqowEM3LMYNc27GgBypv491NZcYjOhJrknFVOnm1t7vmClS2QlWQSuwwbrxlsm5nZH3UCaesG2hFckoMTzfRzAE3NlYjpMYq+PPh/Iis4IfzkIMAMMratE62uf4u+wtjqjpfFfP8DeSc/NxVnTTZmei59orAac4w15PTS9YD4tlYP31kfiwd61xkx7Vjs4W0R7e2+7VqlrUdv8+wr5GoRR3ZvSpU4Ng8/Q52OzvdLWYtd0hxyHN3luTIIf1EY5jfRfklpL0SkrJ/BqSFlC2y/JFS+8BcWvYgvNEBG7xf+LMafct/mHrn4HSKgvnA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=MnXt5eEHoGvExUMRqitUn405zehOqKOYzBZTItrVows=;
 b=kKqtShS9rh95yzDoXFo4azAM7MzUuuFw1u/1zMD6vn+lUEK7qpBeKL0wWmDb54jnELT64Jf8tW6gVIYVt9ac+kzPEMZFY3q75w5RzXZdC7MUmIPDmV7vZLiIcGZzzfq+ZzOiVNFqyU7ZoOOqL8uGDDhLZqcM6fZtwKkV0zO8y2wTS9oNw5/pMooTST1zzcbkXC2TMY+4enyKW8EaTHtq7+3j1JlkKoBTtfAMJI/czZ9Xet9NycgZxCJVFuB+Cr5+dZe/RN9Y+dY5p6G8wKC8jVnJFQP70R+fkOmzvnJcaEdQzYyI28+oYBlosOb357UHDhAC/ESYTcLiMjvU4u2s3w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 40.67.248.234) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=arm.com;
 dmarc=bestguesspass action=none header.from=arm.com; dkim=none (message not
 signed); arc=none
X-Received: from VI1PR08CA0212.eurprd08.prod.outlook.com
 (2603:10a6:802:15::21)
 by VI1PR08MB3791.eurprd08.prod.outlook.com (2603:10a6:803:c0::14) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.19; Mon, 20 Jan
 2020 11:14:30 +0000
X-Received: from AM5EUR03FT028.eop-EUR03.prod.protection.outlook.com
 (2a01:111:f400:7e08::209) by VI1PR08CA0212.outlook.office365.com
 (2603:10a6:802:15::21) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20 via Frontend
 Transport; Mon, 20 Jan 2020 11:14:30 +0000
Authentication-Results-Original: spf=pass (sender IP is 40.67.248.234)
 smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=bestguesspass action=none
 header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates
 40.67.248.234 as permitted sender) receiver=protection.outlook.com;
 client-ip=40.67.248.234; helo=nebula.arm.com;
X-Received: from nebula.arm.com (40.67.248.234) by
 AM5EUR03FT028.mail.protection.outlook.com (10.152.16.118) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.20.2644.23 via Frontend Transport; Mon, 20 Jan 2020 11:14:29 +0000
X-Received: from AZ-NEU-EX01.Emea.Arm.com (10.251.26.4) by AZ-NEU-EX03.Arm.com
 (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1415.2; Mon, 20 Jan
 2020 11:14:09 +0000
X-Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by
 AZ-NEU-EX01.Emea.Arm.com
 (10.251.26.4) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1779.2; Mon, 20
 Jan 2020 11:14:09 +0000
X-Received: from E119924.Arm.com (10.37.9.56) by mail.arm.com (10.251.24.32)
 with Microsoft SMTP Server id 15.1.1415.2 via Frontend Transport; Mon, 20 Jan
 2020 11:14:09 +0000
From: "Krzysztof Koch" <krzysztof.koch@arm.com>
To: <devel@edk2.groups.io>
CC: <ray.ni@intel.com>, <zhichao.gao@intel.com>, <Sami.Mujawar@arm.com>,
	<Matteo.Carlini@arm.com>, <nd@arm.com>
Subject: [edk2-devel] [PATCH v3 11/11] ShellPkg: acpiview: DBG2: Validate
 global pointers before use
Date: Mon, 20 Jan 2020 11:13:51 +0000
Message-ID: <20200120111351.29184-12-krzysztof.koch@arm.com>
In-Reply-To: <20200120111351.29184-1-krzysztof.koch@arm.com>
References: <20200120111351.29184-1-krzysztof.koch@arm.com>
MIME-Version: 1.0
X-EOPAttributedMessage: 1
X-MS-Office365-Filtering-HT: Tenant
X-Forefront-Antispam-Report-Untrusted: 
 CIP:40.67.248.234;IPV:;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(39860400002)(136003)(376002)(396003)(346002)(199004)(189003)(478600001)(54906003)(4326008)(8676002)(81166006)(186003)(81156014)(1076003)(8936002)(15650500001)(2616005)(316002)(26005)(2906002)(336012)(7696005)(426003)(70586007)(70206006)(86362001)(356004)(6666004)(44832011)(6916009)(36756003)(5660300002);DIR:OUT;SFP:1101;SCL:1;SRVR:VI1PR08MB3791;H:nebula.arm.com;FPR:;SPF:Pass;LANG:en;PTR:InfoDomainNonexistent;A:1;MX:1;
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 2ba8e612-f6a4-49e6-bcf6-08d79d99ef7f
X-MS-TrafficTypeDiagnostic: VI1PR08MB3791:|AM0PR08MB4612:
X-Microsoft-Antispam-PRVS: 
 <AM0PR08MB461269424C358B9103B87DDC84320@AM0PR08MB4612.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
NoDisclaimer: True
X-MS-Oob-TLC-OOBClassifiers: OLM:3826;OLM:3826;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: 
 eZRmNgxPG5AvWtF1Y9+RdOaJwX3F9ThvrcSVBfHk3FfySiCdfjhcs0rUhNvIiEhUk44msIu311ADdHVbpFyTiNKuhAWwvwOnZgS0vzF27VIvC55mzVUSFYN2uZuBxixp22a19M+o9diAdN627le5UFpQ3TP4xqCSyjMHkJjuqGuD3RbL299lsnV28r7JHVgfCo/GIREJz4+6ILk4QkMUtwIpUq9n3S7Ls9QiYiu0RjJ4ap+g93MQfG1th1yaw1YTvBbjp9aLr+eaLhEGXB+2QOIhfWIKoETzUU70RC4FbyZaFuoYyowDt+iwuuEnoA0ra2m1quIPk29wGVp/+S+Va1Dwtl7MfM/cTsYiiU3pooX8oJbJ9PQ9jeH40R0fGdmaTl88LW6OGcrfR1jDH2I8tYVg8YO4tmXv2LYdiJoNJVjmPQaoqTlW3dnNx3s/RxDC
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB3791
Original-Authentication-Results: spf=pass (sender IP is 40.67.248.234)
 smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=bestguesspass action=none
 header.from=arm.com;
X-MS-Exchange-Transport-CrossTenantHeadersStripped: 
 AM5EUR03FT029.eop-EUR03.prod.protection.outlook.com
X-MS-Office365-Filtering-Correlation-Id-Prvs: 
 45ff05ea-2bcc-453e-defd-08d79d99eb54
X-Microsoft-Antispam-Message-Info: 
 VhjUa+gbcqifbEVzVcUqV/0cw3WrE7GXEupGPeIIhOGrGaErwKtJ54Bjhyr/Cg1V3zy2gCjAfjYymhypMNn0rBk4BftPpvaptW+2SQLJkwS2AymoHGcosokGuLJGY6RASR0BwVoX412+tdib4pvwf1wX6ZldkosshkoGWqeU0yQzHSADHXgyYVZlHC616riZWsqK5SooNG5VzHYOcybguoID9FFAYDCL3ihg3s1Vp3ZBGbFPjCrqN5PFPN8acXAmkhqUU4JxF43g3z5xQFYAY8geaITu0RhBxjH1L8wa5UBy/aZFBt7MCGYKNKSK0uAAH6RbApaarhi9b2GIhlAUjFlyFz7zTE3hSbStZYhdCjfedmvOMz2WDaPhuGJ8eu/9LsoxYm8mpKMjgqxH9lHxbY0/EEFY46TQz1tBWJV5MQi7Ul8CVTxKCWgU0+DnbK9L
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jan 2020 11:14:36.9287
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 2ba8e612-f6a4-49e6-bcf6-08d79d99ef7f
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB4612
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,krzysztof.koch@arm.com
X-Gm-Message-State: QGkHqy0J8JfI2yF8chMykEdMx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1579518882;
 bh=mqfpJcP7DjJXtn1ZAuQ4Ze/TTHfrQGo7/BbxF5oGLnM=;
 h=CC:Content-Type:Date:From:Reply-To:Subject:To;
 b=ne5bsn9+we0TUM151oltj0VOGXbtGb2FWkM++nPAVNBSA7dG8kA5wYMiATL1SnLaEzf
 7YnN7jp+QegzyNVHE+aqSkz0EN9S06jfoqi37NWjXZjbD5tQqIGvK6BmATQQpUTTcrZz+
 NNqKAmzXWiNS+OwEzV732nWBMGfFY0Mehq8=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Check if global (in the scope of the DBG2 parser) pointers have been
successfully updated before they are used for further table parsing.

Signed-off-by: Krzysztof Koch <krzysztof.koch@arm.com>
---

Notes:
    v3:
    - Rebase on latest master [Krzysztof]

    v1:
    - Test against NULL pointers [Krzysztof]

 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c | 4=
3 ++++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2=
Parser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Pa=
rser.c
index 869e700b9beda4886bf7bc5ae4ced3ab9a59efa3..0f730a306a94329a23fbaf54b59=
f1833b44616ba 100644
--- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c
+++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c
@@ -123,6 +123,24 @@ DumpDbgDeviceInfo (
     PARSER_PARAMS (DbgDevInfoParser)
     );
=20
+  // Check if the values used to control the parsing logic have been
+  // successfully read.
+  if ((GasCount =3D=3D NULL)              ||
+      (NameSpaceStringLength =3D=3D NULL) ||
+      (NameSpaceStringOffset =3D=3D NULL) ||
+      (OEMDataLength =3D=3D NULL)         ||
+      (OEMDataOffset =3D=3D NULL)         ||
+      (BaseAddrRegOffset =3D=3D NULL)     ||
+      (AddrSizeOffset =3D=3D NULL)) {
+    IncrementErrorCount ();
+    Print (
+      L"ERROR: Insufficient Debug Device Information Structure length. " \
+        L"Length =3D %d.\n",
+      Length
+      );
+    return;
+  }
+
   // GAS
   Index =3D 0;
   Offset =3D *BaseAddrRegOffset;
@@ -224,6 +242,18 @@ ParseAcpiDbg2 (
              PARSER_PARAMS (Dbg2Parser)
              );
=20
+  // Check if the values used to control the parsing logic have been
+  // successfully read.
+  if ((OffsetDbgDeviceInfo =3D=3D NULL) ||
+      (NumberDbgDeviceInfo =3D=3D NULL)) {
+    IncrementErrorCount ();
+    Print (
+      L"ERROR: Insufficient table length. AcpiTableLength =3D %d\n",
+      AcpiTableLength
+      );
+    return;
+  }
+
   Offset =3D *OffsetDbgDeviceInfo;
   Index =3D 0;
=20
@@ -239,6 +269,19 @@ ParseAcpiDbg2 (
       PARSER_PARAMS (DbgDevInfoHeaderParser)
       );
=20
+    // Check if the values used to control the parsing logic have been
+    // successfully read.
+    if (DbgDevInfoLen =3D=3D NULL) {
+      IncrementErrorCount ();
+      Print (
+        L"ERROR: Insufficient remaining table buffer length to read the " \
+          L"Debug Device Information structure's 'Length' field. " \
+          L"RemainingTableBufferLength =3D %d.\n",
+        AcpiTableLength - Offset
+        );
+      return;
+    }
+
     // Make sure the Debug Device Information structure lies inside the ta=
ble.
     if ((Offset + *DbgDevInfoLen) > AcpiTableLength) {
       IncrementErrorCount ();
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53414): https://edk2.groups.io/g/devel/message/53414
Mute This Topic: https://groups.io/mt/69929579/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-