diff options
| author | Krzysztof Koch <krzysztof.koch@arm.com> | 2020-01-20 19:13:51 +0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-02-11 02:12:45 +0000 |
| commit | ccb4c38a505cc830625d9ba10622cd910f03490c (patch) | |
| tree | a99bf2b1e44aae684f8278f74f77901aab9a9cb7 /ShellPkg | |
| parent | 214bc6e20613369453959f1ffd19eda12de41c52 (diff) | |
| download | edk2-ccb4c38a505cc830625d9ba10622cd910f03490c.tar.gz edk2-ccb4c38a505cc830625d9ba10622cd910f03490c.tar.bz2 edk2-ccb4c38a505cc830625d9ba10622cd910f03490c.zip | |
ShellPkg: acpiview: DBG2: Validate global pointers before use
Check if global (in the scope of the DBG2 parser) pointers have been
successfully updated before they are used for further table parsing.
Signed-off-by: Krzysztof Koch <krzysztof.koch@arm.com>
Diffstat (limited to 'ShellPkg')
| -rw-r--r-- | ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c index 869e700b9b..0f730a306a 100644 --- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c +++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c @@ -123,6 +123,24 @@ DumpDbgDeviceInfo ( PARSER_PARAMS (DbgDevInfoParser)
);
+ // Check if the values used to control the parsing logic have been
+ // successfully read.
+ if ((GasCount == NULL) ||
+ (NameSpaceStringLength == NULL) ||
+ (NameSpaceStringOffset == NULL) ||
+ (OEMDataLength == NULL) ||
+ (OEMDataOffset == NULL) ||
+ (BaseAddrRegOffset == NULL) ||
+ (AddrSizeOffset == NULL)) {
+ IncrementErrorCount ();
+ Print (
+ L"ERROR: Insufficient Debug Device Information Structure length. " \
+ L"Length = %d.\n",
+ Length
+ );
+ return;
+ }
+
// GAS
Index = 0;
Offset = *BaseAddrRegOffset;
@@ -224,6 +242,18 @@ ParseAcpiDbg2 ( PARSER_PARAMS (Dbg2Parser)
);
+ // Check if the values used to control the parsing logic have been
+ // successfully read.
+ if ((OffsetDbgDeviceInfo == NULL) ||
+ (NumberDbgDeviceInfo == NULL)) {
+ IncrementErrorCount ();
+ Print (
+ L"ERROR: Insufficient table length. AcpiTableLength = %d\n",
+ AcpiTableLength
+ );
+ return;
+ }
+
Offset = *OffsetDbgDeviceInfo;
Index = 0;
@@ -239,6 +269,19 @@ ParseAcpiDbg2 ( PARSER_PARAMS (DbgDevInfoHeaderParser)
);
+ // Check if the values used to control the parsing logic have been
+ // successfully read.
+ if (DbgDevInfoLen == NULL) {
+ IncrementErrorCount ();
+ Print (
+ L"ERROR: Insufficient remaining table buffer length to read the " \
+ L"Debug Device Information structure's 'Length' field. " \
+ L"RemainingTableBufferLength = %d.\n",
+ AcpiTableLength - Offset
+ );
+ return;
+ }
+
// Make sure the Debug Device Information structure lies inside the table.
if ((Offset + *DbgDevInfoLen) > AcpiTableLength) {
IncrementErrorCount ();
|