tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ArmPkg/ArmMmuLib AARCH64: fix out of bounds access 

Take care not to dereference BlockEntry if it may be pointing past
the end of the page table we are manipulating. It is only a read,
and thus harmless, but HeapGuard triggers on it so let's fix it.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
This commit is contained in:
Ard Biesheuvel 2019-01-07 08:15:00 +01:00
parent d08575759e
commit 76c23f9e0d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
View File

@ -382,7 +382,7 @@ UpdateRegionMapping (
// Break the inner loop when next block is a table
// Rerun GetBlockEntryListFromAddress to avoid page table memory leak
if (TableLevel != 3 &&
if (TableLevel != 3 && BlockEntry <= LastBlockEntry &&
(*BlockEntry & TT_TYPE_MASK) == TT_TYPE_TABLE_ENTRY) {
break;
}