mirror of
https://github.com/acidanthera/audk.git
synced 2025-04-08 17:05:09 +02:00
fc76bbd94d
RH covscan justifiedly reports that accessing
"EFI_COMMON_SECTION_HEADER.Size", which is of type UINT8[3], through a
(UINT32*), is undefined behavior:
> Error: OVERRUN (CWE-119):
> edk2-89910a39dcfd/OvmfPkg/Sec/SecMain.c:178: overrun-local: Overrunning
> array of 3 bytes at byte offset 3 by dereferencing pointer
> "(UINT32 *)((EFI_COMMON_SECTION_HEADER *)(UINTN)Section)->Size".
> # 176| Section = (EFI_COMMON_SECTION_HEADER*)(UINTN) CurrentAddress;
> # 177|
> # 178|-> Size = SECTION_SIZE (Section);
> # 179| if (Size < sizeof (*Section)) {
> # 180| return EFI_VOLUME_CORRUPTED;
Fix this by accessing the array elements individually.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1710
Issue: scan-1007.txt
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>