tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,262 Commits 10 Branches 0 Tags 316 MiB
Commit Graph

7 Commits

Author SHA1 Message Date
lzeng14 164a9b6752 Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input. 
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14379 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-21 02:22:02 +00:00
lzeng14 5e5bb2a9ba 1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. 
2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm.
3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
 2013-05-07 05:38:32 +00:00
lzeng14 9d00d20ed4 1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. 
2. Refine the debug message.
3. Add check to make sure the input VariableName is A Null-terminated string.
4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
 2013-04-25 10:49:45 +00:00
hhtian e8c758dc92 Update header format 
Signed-off-by: Hot Tian <hot.tian@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13819 6f19259b-4bc3-4df7-8a09-765794883524
 2012-10-11 04:59:05 +00:00
jyao1 32177f69c4 Add more security check for CommBuffer+CommBufferSize. 
signed off by: jiewen.yao@intel.com
reviewed by: rui.sun@intel.com
reviewed by: michael.d.kinney@intel.com

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13545 6f19259b-4bc3-4df7-8a09-765794883524
 2012-07-23 00:59:26 +00:00
li-elvin 1476a25761 RestoreLockBox in DXE with Length NULL, Buffer NULL will fail to get data from Lockbox. Fix this issue. 
Signed-off-by: li-elvin
Reviewed-by: jyao1

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12208 6f19259b-4bc3-4df7-8a09-765794883524
 2011-08-25 08:25:13 +00:00
jljusten 1c837cd545 MdeModulePkg: Add SMM LockBox 
This includes:
* LockBox protocol definition
* LockBoxLib library interface definition
* SmmLockBox GUID
* LockBoxNullLib library implementation
* 2 SmmLockBoxLib library implementations
* SmmLockBox SMM driver

Signed-off-by: jljusten
Reviewed-by: mdkinney
Reviewed-by: geekboy15a
Reviewed-by: jyao1
Reviewed-by: lgao4

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12029 6f19259b-4bc3-4df7-8a09-765794883524
 2011-07-19 20:47:28 +00:00