tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/MdeModulePkg
History
Hao A Wu 322ac05f8b MdeModulePkg/PiDxeS3BootScriptLib: Fix potential numeric truncation (CVE-2019-14563) 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2001

For S3BootScriptLib APIs:

S3BootScriptSaveIoWrite
S3BootScriptSaveMemWrite
S3BootScriptSavePciCfgWrite
S3BootScriptSavePciCfg2Write
S3BootScriptSaveSmbusExecute
S3BootScriptSaveInformation
S3BootScriptSaveInformationAsciiString
S3BootScriptLabel (happen in S3BootScriptLabelInternal())

possible numeric truncations will happen that may lead to S3 boot script
entry with improper size being returned to store the boot script data.
This commit will add checks to prevent this kind of issue.

Please note that the remaining S3BootScriptLib APIs:

S3BootScriptSaveIoReadWrite
S3BootScriptSaveMemReadWrite
S3BootScriptSavePciCfgReadWrite
S3BootScriptSavePciCfg2ReadWrite
S3BootScriptSaveStall
S3BootScriptSaveDispatch2
S3BootScriptSaveDispatch
S3BootScriptSaveMemPoll
S3BootScriptSaveIoPoll
S3BootScriptSavePciPoll
S3BootScriptSavePci2Poll
S3BootScriptCloseTable
S3BootScriptExecute
S3BootScriptMoveLastOpcode
S3BootScriptCompare

are not affected by such numeric truncation.

Signed-off-by: Hao A Wu <hao.a.wu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 		2020-02-07 07:58:35 +00:00
..
Application MdeModulePkg/CapsuleApp: Enhance CapsuleApp for Fmp Capsule Dependency 2020-01-19 02:47:47 +00:00
Bus MdeModulePkg/SdMmcPciHcDxe: Add retries for async commands 2020-01-19 01:58:00 +00:00
Core MdeModulePkg PeiCore: Improve comment semantics 2019-12-11 07:00:10 +00:00
Include MdeModulePkg: remove EnterS3WithImmediateWake () from ResetSystemLib 2020-01-10 07:00:51 +00:00
Library MdeModulePkg/PiDxeS3BootScriptLib: Fix potential numeric truncation (CVE-2019-14563) 2020-02-07 07:58:35 +00:00
Logo MdeModulePkg: Replace BSD License with BSD+Patent License 2019-04-09 10:58:08 -07:00
Universal MdeModulePkg/Capsule: Remove RT restriction in UpdateCapsule service. 2020-02-07 07:43:00 +00:00
MdeModulePkg.ci.yaml MdeModulePkg: Add YAML file for CI builds 2019-11-11 13:02:17 -08:00
MdeModulePkg.dec MdeModulePkg/Capsule: Remove RT restriction in UpdateCapsule service. 2020-02-07 07:43:00 +00:00
MdeModulePkg.dsc MdeModulePkg: LzmaCustomDecompressLib.inf don't support EBC anymore 2019-12-05 00:21:35 +00:00
MdeModulePkg.uni MdeModulePkg/Capsule: Remove RT restriction in UpdateCapsule service. 2020-02-07 07:43:00 +00:00
MdeModulePkgExtra.uni MdeModulePkg: Replace BSD License with BSD+Patent License 2019-04-09 10:58:08 -07:00