> > @@ -170,6 +170,7 @@ MicrocodeDetect (
> > /// Check overflow and whether TotalSize is aligned with 4 bytes.
> > ///
> > if ( ((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd ||
> > + ((UINTN)MicrocodeEntryPoint + TotalSize) < (UINTN)
> > + CpuMpData->MicrocodePatchAddress ||
How about below check?
First comparison hits when the sum of MicrocodeEntryPoint and TotalSize
overflows.
Second comparison hits when the sum crosses the boundary of the whole microcode
buffer boundary
If (((UINTN) MicrocodeEntryPoint > MAX_UINTN - TotalSize) ||
((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd)
> > (TotalSize & 0x3) != 0
> > ) {
> > MicrocodeEntryPoint = (CPU_MICROCODE_HEADER *) (((UINTN)
> > MicrocodeEntryPoint) + SIZE_1KB);
> > --
> > 2.21.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#42852): https://edk2.groups.io/g/devel/message/42852
Mute This Topic: https://groups.io/mt/32204622/21656
Group Owner: [email protected]
Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
