author: Patrick Rudolph <patrick.rudolph@9elements.com> 2023-12-31 17:29:26 +0100
committer: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> 2024-01-22 11:04:21 +0000
commit: 0b09397dfa0123b9a27c2c52fd2ddafd7a902137 (patch)
tree: 4060f2db559a5b923455579019e0c1c43e70706c
parent: 0c6d29be8b1731ff6880d59e0189184395e45968 (diff)
UefiPayloadPkg: CbParseLib: Fix integer overflow
The IMD entry uses the 32bit start field as relative offset to root.
On Ia32X64 this works fine as UINTN is also 32 bit and negative relative
offsets are properly calculated due to an integer overflow.
On X64 this doesn't work as UINTN is 64 bit and the offset is no longer
subtracted, but it's added to the root. Fix that by sign extending
the start field to 64 bit.

Test: Booting UefiPayloadPkg still works on Ia32X64 and now also works
on X64.

Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com>
Reviewed-by: Gua Guo <gua.guo@intel.com>
Reviewed-by: Sean Rhodes <sean@starlabs.systems>
-rw-r--r-- UefiPayloadPkg/Library/CbParseLib/CbParseLib.c | 2
1 files changed, 1 insertions, 1 deletions
diff --git a/UefiPayloadPkg/Library/CbParseLib/CbParseLib.c b/UefiPayloadPkg/Library/CbParseLib/CbParseLib.c
index 8a353f77f6..9e149532a7 100644
--- a/UefiPayloadPkg/Library/CbParseLib/CbParseLib.c
+++ b/UefiPayloadPkg/Library/CbParseLib/CbParseLib.c
@@ -282,7 +282,7 @@ FindCbMemTable (
for (Idx = 0; Idx < Root->num_entries; Idx++) {
if (Entries[Idx].id == TableId) {
if (IsImdEntry) {
- *MemTable = (VOID *)((UINTN)Entries[Idx].start + (UINTN)Root);
+ *MemTable = (VOID *)((INTN)(INT32)Entries[Idx].start + (UINTN)Root);
} else {
*MemTable = (VOID *)(UINTN)Entries[Idx].start;
}
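Review bot: On the changed `*MemTable = (VOID *)((INTN)(INT32)Entries[Idx].start + (UINTN)Root);` line, the sign-extended offset is added to `Root` and stored with no range check visible between the `id` match and the assignment, so a corrupted `start` value in the table yields a pointer anywhere within 2 GiB on either side of `Root`. Consider validating the computed address against the known bounds of the IMD region before writing `*MemTable`, and returning an error when it falls outside. The expression also mixes a signed `INTN` operand with an unsigned `UINTN` one; the result is correct because the signed value is converted to `UINTN` and the addition wraps, but that is easy to misread, so a short comment stating that `start` is a signed 32-bit offset relative to `Root` for IMD entries (and an absolute address in the `else` branch) would help, as would writing the sum as `(UINTN)Root + (UINTN)(INTN)(INT32)Entries[Idx].start` to make the conversion explicit.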