From: VincentX Ke <vincentx.ke@intel.com>
Bugzilla: 3262 (https://bugzilla.tianocore.org/show_bug.cgi?id=3262)
Adding error handle while CapabilityId is 0xFFFF
Signed-off-by: VincentX Ke <vincentx.ke@intel.com>
---
ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
index a2f04d8db5..cd295bb79b 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
@@ -5786,7 +5786,7 @@ PciExplainPciExpress (
}
ExtHdr = (PCI_EXP_EXT_HDR*)ExtendedConfigSpace;
- while (ExtHdr->CapabilityId != 0 && ExtHdr->CapabilityVersion != 0) {
+ while (ExtHdr->CapabilityId != 0 && ExtHdr->CapabilityVersion != 0 && ExtHdr->CapabilityId != 0xFFFF) {
//
// Process this item
//
--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72748): https://edk2.groups.io/g/devel/message/72748
Mute This Topic: https://groups.io/mt/81324192/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Hi Ian/Vincent,
It is a bug fix for parsing PCI extended config space. But there is one more place can be enhanced.
if (ExtHdr->NextCapabilityOffset != 0) {
You can see the above condition to check next capability info. But it doesn't check the length. If the value is 0xfff, it would put the ExtHdr outside the extended config space.
Its safe value should be below 0xFFF - EFI_PCIE_CAPABILITY_BASE_OFFSET - sizeof (PCI_EXP_EXT_HDR).
Thanks,
Zhichao
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of IanX
> Kuo
> Sent: Thursday, April 8, 2021 5:50 AM
> To: devel@edk2.groups.io
> Cc: Ke, VincentX <vincentx.ke@intel.com>
> Subject: [edk2-devel] [PATCH] ShellPkg/Library: Error handle while
> CapabilityId is 0xFFFF
>
> From: VincentX Ke <vincentx.ke@intel.com>
>
> Bugzilla: 3262 (https://bugzilla.tianocore.org/show_bug.cgi?id=3262)
>
> Adding error handle while CapabilityId is 0xFFFF
>
> Signed-off-by: VincentX Ke <vincentx.ke@intel.com>
> ---
> ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> index a2f04d8db5..cd295bb79b 100644
> --- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> +++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Pci.c
> @@ -5786,7 +5786,7 @@ PciExplainPciExpress (
> } ExtHdr = (PCI_EXP_EXT_HDR*)ExtendedConfigSpace;- while (ExtHdr-
> >CapabilityId != 0 && ExtHdr->CapabilityVersion != 0) {+ while (ExtHdr-
> >CapabilityId != 0 && ExtHdr->CapabilityVersion != 0 && ExtHdr-
> >CapabilityId != 0xFFFF) { // // Process this item //--
> 2.26.2.windows.1
>
>
>
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#72748): https://edk2.groups.io/g/devel/message/72748
> Mute This Topic: https://groups.io/mt/81324192/1768756
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub [zhichao.gao@intel.com]
> -=-=-=-=-=-=
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72858): https://edk2.groups.io/g/devel/message/72858
Mute This Topic: https://groups.io/mt/81324192/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.