[edk2-devel] [PATCH] ShellPkg/Library: Error handle while CapabilityId is 0xFFFF

IanX Kuo posted 1 patch 6 days, 9 hours ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/edk2 tags/patchew/fe3913d367674776f7ba55f075eb56b1efa05d0b.1615725562.git.vincentx.ke@intel.com
ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

[edk2-devel] [PATCH] ShellPkg/Library: Error handle while CapabilityId is 0xFFFF

Posted by IanX Kuo 6 days, 9 hours ago
From: VincentX Ke <vincentx.ke@intel.com>

Bugzilla: 3262 (https://bugzilla.tianocore.org/show_bug.cgi?id=3262)

Adding error handle while CapabilityId is 0xFFFF

Signed-off-by: VincentX Ke <vincentx.ke@intel.com>
---
 ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
index a2f04d8db5..cd295bb79b 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
@@ -5786,7 +5786,7 @@ PciExplainPciExpress (
   }
 
   ExtHdr = (PCI_EXP_EXT_HDR*)ExtendedConfigSpace;
-  while (ExtHdr->CapabilityId != 0 && ExtHdr->CapabilityVersion != 0) {
+  while (ExtHdr->CapabilityId != 0 && ExtHdr->CapabilityVersion != 0 && ExtHdr->CapabilityId != 0xFFFF) {
     //
     // Process this item
     //
-- 
2.26.2.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72748): https://edk2.groups.io/g/devel/message/72748
Mute This Topic: https://groups.io/mt/81324192/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-


Re: [edk2-devel] [PATCH] ShellPkg/Library: Error handle while CapabilityId is 0xFFFF

Posted by Gao, Zhichao 4 weeks ago
Hi Ian/Vincent,

It is a bug fix for parsing PCI extended config space. But there is one more place can be enhanced.

if (ExtHdr->NextCapabilityOffset != 0) {

You can see the above condition to check next capability info. But it doesn't check the length. If the value is 0xfff, it would put the ExtHdr outside the extended config space.
Its safe value should be below 0xFFF - EFI_PCIE_CAPABILITY_BASE_OFFSET - sizeof (PCI_EXP_EXT_HDR).

Thanks,
Zhichao

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of IanX
> Kuo
> Sent: Thursday, April 8, 2021 5:50 AM
> To: devel@edk2.groups.io
> Cc: Ke, VincentX <vincentx.ke@intel.com>
> Subject: [edk2-devel] [PATCH] ShellPkg/Library: Error handle while
> CapabilityId is 0xFFFF
> 
> From: VincentX Ke <vincentx.ke@intel.com>
> 
> Bugzilla: 3262 (https://bugzilla.tianocore.org/show_bug.cgi?id=3262)
> 
> Adding error handle while CapabilityId is 0xFFFF
> 
> Signed-off-by: VincentX Ke <vincentx.ke@intel.com>
> ---
>  ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> index a2f04d8db5..cd295bb79b 100644
> --- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> +++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> @@ -5786,7 +5786,7 @@ PciExplainPciExpress (
>    }    ExtHdr = (PCI_EXP_EXT_HDR*)ExtendedConfigSpace;-  while (ExtHdr-
> >CapabilityId != 0 && ExtHdr->CapabilityVersion != 0) {+  while (ExtHdr-
> >CapabilityId != 0 && ExtHdr->CapabilityVersion != 0 && ExtHdr-
> >CapabilityId != 0xFFFF) {     //     // Process this item     //--
> 2.26.2.windows.1
> 
> 
> 
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#72748): https://edk2.groups.io/g/devel/message/72748
> Mute This Topic: https://groups.io/mt/81324192/1768756
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub [zhichao.gao@intel.com]
> -=-=-=-=-=-=
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72858): https://edk2.groups.io/g/devel/message/72858
Mute This Topic: https://groups.io/mt/81324192/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-