From nobody Tue Feb 10 09:10:57 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+53409+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1579518873926272.7422484615457; Mon, 20 Jan 2020 03:14:33 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id mDHGYY1788612xUiJCoRVW1J; Mon, 20 Jan 2020 03:14:33 -0800 X-Received: from EUR01-HE1-obe.outbound.protection.outlook.com (EUR01-HE1-obe.outbound.protection.outlook.com [40.107.13.75]) by mx.groups.io with SMTP id smtpd.web12.9149.1579518872371146975 for ; Mon, 20 Jan 2020 03:14:32 -0800 X-Received: from VI1PR0802CA0015.eurprd08.prod.outlook.com (2603:10a6:800:aa::25) by HE1PR0802MB2571.eurprd08.prod.outlook.com (2603:10a6:3:e2::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.24; Mon, 20 Jan 2020 11:14:28 +0000 X-Received: from DB5EUR03FT062.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::204) by VI1PR0802CA0015.outlook.office365.com (2603:10a6:800:aa::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.19 via Frontend Transport; Mon, 20 Jan 2020 11:14:28 +0000 Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+53409+1787277+3901457@groups.io; helo=web01.groups.io; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; X-Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT062.mail.protection.outlook.com (10.152.20.197) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.23 via Frontend Transport; Mon, 20 Jan 2020 11:14:28 +0000 X-Received: ("Tessian outbound ba41a0333779:v40"); Mon, 20 Jan 2020 11:14:28 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 17ce00c538a2498d X-CR-MTA-TID: 64aa7808 X-Received: from a98c313ca029.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 52E4AC4E-1A97-4BE5-B8B3-24CFC9D90D9F.1; Mon, 20 Jan 2020 11:14:22 +0000 X-Received: from EUR02-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id a98c313ca029.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 20 Jan 2020 11:14:22 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DHkQ3S7SUsqicudulYOgykTBml884IGOQ0LaO7FoaGBTWcrYVmegwIkGNe68ds7gZswMyK++uAS/Zu13EvTG3joyk8b3D3/9IqWXSkDjyopQ6daHkLu/cjNpnouB6pZ8dm36dcY59ismfuss4VZP+ZzuF2wlAAAb9k8t7IFRMRb+5i9fHORt06AJ3aCx+5Ctm0eOXIoKgCEV4adfPwB/6ro+nf6iy/v+WMFj9NeVmboQ0ToteFsvs8kFD4MCapRhSsb57+UDqbfoWy0ng/9hgWG5zfD26NDBFgNwDsc6sUgNUQheK0b/WvmnQTTsEu47Wa5FbbERLX6GJ45khNz3Ag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xbLsXS/cNKfpg3dKgpcfFt4SmkVIkYENWGLisyf6f+U=; b=fn6kVIpOLTGCZdaIi7F5noWiha/tfiShTv2WyKI9i9NqQ/d5eG59QdMFrnMfDI30s6KXnOaoTlpxiY0lE8Pxe5zMaNITRL3nxuy+UXE4piGZaxNik9ZKYe5DCU47ztkMlOj2+Vwd/qe4IygAoU8VYW7wRNtvPAs112SzcgmN0hvnYOznfvBBwZgL/TPZ4KqNAp4T0zswyg+Y2SAlb8toAddZWdsNvQla82lreTi5byzWztOvtly1vJfj/SLaRnEYDD+O2GUvCd32aVt4qjhBmDOFyOxuB0kM0yXjDH+HnG0N+EpDMV/ze0jN0pLG4RI1f8KpdcD753L7wGC9d8jdbw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=arm.com; dmarc=bestguesspass action=none header.from=arm.com; dkim=none (message not signed); arc=none X-Received: from VI1PR0802CA0023.eurprd08.prod.outlook.com (2603:10a6:800:aa::33) by DB8PR08MB5052.eurprd08.prod.outlook.com (2603:10a6:10:e8::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20; Mon, 20 Jan 2020 11:14:20 +0000 X-Received: from VE1EUR03FT059.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e09::201) by VI1PR0802CA0023.outlook.office365.com (2603:10a6:800:aa::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.19 via Frontend Transport; Mon, 20 Jan 2020 11:14:20 +0000 Authentication-Results-Original: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=bestguesspass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; X-Received: from nebula.arm.com (40.67.248.234) by VE1EUR03FT059.mail.protection.outlook.com (10.152.19.60) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.2644.23 via Frontend Transport; Mon, 20 Jan 2020 11:14:20 +0000 X-Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by AZ-NEU-EX04.Arm.com (10.251.24.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1415.2; Mon, 20 Jan 2020 11:14:07 +0000 X-Received: from E119924.Arm.com (10.37.9.56) by mail.arm.com (10.251.24.32) with Microsoft SMTP Server id 15.1.1415.2 via Frontend Transport; Mon, 20 Jan 2020 11:14:07 +0000 From: "Krzysztof Koch" To: CC: , , , , Subject: [edk2-devel] [PATCH v3 08/11] ShellPkg: acpiview: PPTT: Validate global pointers before use Date: Mon, 20 Jan 2020 11:13:48 +0000 Message-ID: <20200120111351.29184-9-krzysztof.koch@arm.com> In-Reply-To: <20200120111351.29184-1-krzysztof.koch@arm.com> References: <20200120111351.29184-1-krzysztof.koch@arm.com> MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;IPV:;CTRY:IE;EFV:NLI;SFV:NSPM;SFS:(10009020)(4636009)(346002)(39860400002)(376002)(396003)(136003)(189003)(199004)(2616005)(7696005)(426003)(478600001)(36756003)(70586007)(70206006)(2906002)(4326008)(81166006)(356004)(6666004)(81156014)(44832011)(8676002)(6916009)(54906003)(86362001)(15650500001)(316002)(5660300002)(8936002)(186003)(26005)(1076003)(336012);DIR:OUT;SFP:1101;SCL:1;SRVR:DB8PR08MB5052;H:nebula.arm.com;FPR:;SPF:Pass;LANG:en;PTR:InfoDomainNonexistent;MX:1;A:1; X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4af09bb9-ed4a-4a68-27d1-08d79d99ea3a X-MS-TrafficTypeDiagnostic: DB8PR08MB5052:|HE1PR0802MB2571: X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true NoDisclaimer: True X-MS-Oob-TLC-OOBClassifiers: OLM:3968;OLM:3968; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: sE1h0Pa5nstmjtDWEEwglKlJg+Cb8cLIKG9/JPGnukSN1+34OlVGRoGZhfFZ1LIwreX8HqFOcw8+WjkNcRvfKOi9T6E4JzsNjjZRbDcFetUKyo0JQI3eG54PXFYQbtgX7JBUKBuiWCjGmoCq6UUlEHHLgAMrcxj0ziiX+FjTx5iUMJOlac/01KBPEPBCtZXmQU2no43b4iY24amXdVGazLjWBNQUGFWnkDvCE6PH2ZptmUw5CRLA51aLVaT25Y4tgq1+nvhpqqpivG/iGG2bR/bw82GmQi/DFaNJYJI60+PZKVPq8gd28GY1zmzd9A5eGu7NStNyU0zP3RjrPfPr1bosQa5TA6v9Jxb04uniN7hxKkr9dX2s8n+8ShG2A+X0uPXthzX1W2EXF1Ty5oILN2c8/u0FUG++7yCpY3H/68iagrk0MCMg/ktThGc3BskO X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR08MB5052 Original-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=bestguesspass action=none header.from=arm.com; X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT062.eop-EUR03.prod.protection.outlook.com X-MS-Office365-Filtering-Correlation-Id-Prvs: 64991e39-98c4-4ba0-eda5-08d79d99e584 X-Microsoft-Antispam-Message-Info: PdbsKcdHIISEhQBaX94yK0eMNTgADd+JcVlFNdcwS04MK3ceoNnFDn6VZVBPuDlbVm7XOAGKdId8sw9mvvfivHuJqPvUVphnJ8vGs3LXw58mR7oeIcGgAKOT+XjH1TmeHwORgwt9vSQZiMAogdz80KBaUFCt8x2x9S2MaFva/p5WLvUk0nKuSHwK/qov67i422EtN8wGbPtvYb4sy8wzdFmIlhepoaNgcmkgFwRIArBLUHyIceECzUZV1lGFmJJQuIfj2bbQcF2Xt0332Tdi5QCGVavVlRcaxSCH7OFFqhPQ6dsoLohF54UxSucQP089/PviFrrK3y+c7r+Nhlm4oVI+ya1uNr+Lkb/tQ4cnJLkMJzPr4UG9riSo76uwyNmzGfVoPXHgm1mB36efHjgqGxM5DQ9PD0nqNG6P8uZOERWIFmbSkC9XSvGlDsdOD6Lq X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jan 2020 11:14:28.0911 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4af09bb9-ed4a-4a68-27d1-08d79d99ea3a X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0802MB2571 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,krzysztof.koch@arm.com X-Gm-Message-State: dLyJj9PTvyzhlkCB0PyOaUUix1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1579518873; bh=L3BWmURT08qgm4eP760Hao44J0ZK9Zr2YmbW8KJV7Y0=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=Wokiprn0kwBfqn8Qe4QVneZ638iK9Duvq2+YiqrAZ9LrdCrO23ach6caML/mwI04jX4 b1o3kTK2jpAhAnFkwU93gFUE2XmYiIdZdcz0ue8OCAh5g7QejwLEOxayEUhF4RCj7tdvK sFfVXnTUZ+cDv7nD0t0nE2zyjkSzWgPc6i0= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Check if the NumberOfPrivateResources, ProcessorTopologyStructureType and ProcessorTopologyStructureLength pointers have been successfully updated before they are used for further table parsing. Signed-off-by: Krzysztof Koch --- Notes: v3: - Rebase on latest master [Krzysztof] v1: - Test against NULL pointers [Krzysztof] ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Pptt/PpttParser.c | 2= 5 ++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Pptt/Pptt= Parser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Pptt/PpttPa= rser.c index 6254b9913fffb429fc54bb1301bf3e4b2e5bf161..675ba75f02b367cd5ad9f2ac23c= 30ed0ab58f286 100644 --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Pptt/PpttParser.c +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Pptt/PpttParser.c @@ -264,6 +264,17 @@ DumpProcessorHierarchyNodeStructure ( PARSER_PARAMS (ProcessorHierarchyNodeStructureParser) ); =20 + // Check if the values used to control the parsing logic have been + // successfully read. + if (NumberOfPrivateResources =3D=3D NULL) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient Processor Hierarchy Node length. Length =3D %d= .\n", + Length + ); + return; + } + // Make sure the Private Resource array lies inside this structure if (Offset + (*NumberOfPrivateResources * sizeof (UINT32)) > Length) { IncrementErrorCount (); @@ -387,6 +398,7 @@ ParseAcpiPptt ( AcpiTableLength, PARSER_PARAMS (PpttParser) ); + ProcessorTopologyStructurePtr =3D Ptr + Offset; =20 while (Offset < AcpiTableLength) { @@ -400,6 +412,19 @@ ParseAcpiPptt ( PARSER_PARAMS (ProcessorTopologyStructureHeaderParser) ); =20 + // Check if the values used to control the parsing logic have been + // successfully read. + if ((ProcessorTopologyStructureType =3D=3D NULL) || + (ProcessorTopologyStructureLength =3D=3D NULL)) { + IncrementErrorCount (); + Print ( + L"ERROR: Insufficient remaining table buffer length to read the " \ + L"processor topology structure header. Length =3D %d.\n", + AcpiTableLength - Offset + ); + return; + } + // Make sure the PPTT structure lies inside the table if ((Offset + *ProcessorTopologyStructureLength) > AcpiTableLength) { IncrementErrorCount (); -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#53409): https://edk2.groups.io/g/devel/message/53409 Mute This Topic: https://groups.io/mt/69929573/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-