From f859c6796f4064e2142d4bfaae55dbd3aaf70c55 Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Mon, 20 Mar 2017 14:51:36 +0000 Subject: [PATCH] MdeModulePkg/AcpiTableDxe: consider version mask when removing tables Invocations of EFI_ACPI_TABLE_PROTOCOL::UninstallAcpiTable() may result in a crash when the value of PcdAcpiExposedTableVersions does not include EFI_ACPI_TABLE_VERSION_1_0B. The reason is that EFI_ACPI_TABLE_PROTOCOL::InstallAcpiTable() will only populate the Rsdt1/Rsdt3 pointers when EFI_ACPI_TABLE_VERSION_1_0B is set, whereas EFI_ACPI_TABLE_PROTOCOL::UninstallAcpiTable() will invoke PublishTables with EFI_ACPI_TABLE_VERSION_1_0B alawys set, resulting in a NULL pointer dereference of the Rsdt1/Rsdt3 pointers. So take PcdAcpiExposedTableVersions into account for UninstallAcpiTable as well. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel Reviewed-by: Star Zeng --- .../Universal/Acpi/AcpiTableDxe/AcpiTableProtocol.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableProtocol.c b/MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableProtocol.c index a4fd9aff84..05340f80db 100644 --- a/MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableProtocol.c +++ b/MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableProtocol.c @@ -290,24 +290,27 @@ UninstallAcpiTable ( { EFI_ACPI_TABLE_INSTANCE *AcpiTableInstance; EFI_STATUS Status; + EFI_ACPI_TABLE_VERSION Version; // // Get the instance of the ACPI table protocol // AcpiTableInstance = EFI_ACPI_TABLE_INSTANCE_FROM_THIS (This); + Version = PcdGet32 (PcdAcpiExposedTableVersions); + // // Uninstall the ACPI table // Status = RemoveTableFromList ( AcpiTableInstance, - EFI_ACPI_TABLE_VERSION_1_0B | ACPI_TABLE_VERSION_GTE_2_0, + Version, TableKey ); if (!EFI_ERROR (Status)) { Status = PublishTables ( AcpiTableInstance, - EFI_ACPI_TABLE_VERSION_1_0B | ACPI_TABLE_VERSION_GTE_2_0 + Version ); }