ShellPkg: acpiview: MADT: Prevent buffer overruns

Modify the parsing logic to prevent reading past the MADT table buffer length provided when parsing the Interrupt Controller Structure header. Signed-off-by: Krzysztof Koch <krzysztof.koch@arm.com> Reviewed-by: Alexei Fedorov <Alexei.Fedorov@arm.com> Reviewed-by: Zhichao Gao <zhichao.gao@inte.com> Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
author: Krzysztof Koch <krzysztof.koch@arm.com> 2019-08-01 16:44:05 -0700
committer: Jaben Carsey <jaben.carsey@intel.com> 2019-08-12 10:13:56 -0700
commit: 05d402952dfa39d670994de821de79bc8800260a (patch)
tree: 1006815f061df395f5c9f1f6aaf5480594215ec1
parent: 62cefaf44e1cc14376e547e955a846ba456caa93 (diff)
download: edk2-05d402952dfa39d670994de821de79bc8800260a.tar.gz
edk2-05d402952dfa39d670994de821de79bc8800260a.tar.bz2
edk2-05d402952dfa39d670994de821de79bc8800260a.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c
index d80ebd1a2b..90bdafea19 100644
--- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c
+++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c
@@ -256,7 +256,7 @@ ParseAcpiMadt (
       0,
       NULL,
       InterruptContollerPtr,
-      2,  //  Length is 1 byte at offset 1
+      AcpiTableLength - Offset,
       PARSER_PARAMS (MadtInterruptControllerHeaderParser)
       );
author	Krzysztof Koch <krzysztof.koch@arm.com>	2019-08-01 16:44:05 -0700
committer	Jaben Carsey <jaben.carsey@intel.com>	2019-08-12 10:13:56 -0700
commit	05d402952dfa39d670994de821de79bc8800260a (patch)
tree	1006815f061df395f5c9f1f6aaf5480594215ec1
parent	62cefaf44e1cc14376e547e955a846ba456caa93 (diff)
download	edk2-05d402952dfa39d670994de821de79bc8800260a.tar.gz edk2-05d402952dfa39d670994de821de79bc8800260a.tar.bz2 edk2-05d402952dfa39d670994de821de79bc8800260a.zip