The following patches modify existing ACPI table parsers to add checks which prevent many potential security issues. These include:

1. Entering infinite loops when ACPI structure lengths are zero.
2. Use of pointers which failed to be initialized because of invalid ACPI table/structure lengths.
3. Buffer overruns caused by structures which have a too large value of the 'Length' field given the size of the buffer in which they are located.

Other changes added in this patchset include:

1. Removal of redundant forward STATIC function declarations for reducing the code size.
2. Extension of the use of the -q flag to make ACPI table content validation optional. ACPI table content consistency checks which do not affect the flow control in the parsing logic can now be disabled. The remaining validation checks are enforced as they also prevent the security issues listed above.

Changes can be seen at:
https://github.com/KrzysztofKoch1/edk2/tree/612_enhance_parser_logic_v1

Krzysztof Koch (11):
  ShellPkg: acpiview: FADT: Validate global pointers before use
  ShellPkg: acpiview: SPCR: Remove redundant forward declaration
  ShellPkg: acpiview: RSDP: Make printing table checksum optional
  ShellPkg: acpiview: XSDT: Remove redundant ParseAcpi() call
  ShellPkg: acpiview: SLIT: Add error-checking in the parsing logic
  ShellPkg: acpiview: SRAT: Add error-checking in the parsing logic
  ShellPkg: acpiview: MADT: Add error-checking in the parsing logic
  ShellPkg: acpiview: PPTT: Add error-checking in the parsing logic
  ShellPkg: acpiview: IORT: Add error-checking in the parsing logic
  ShellPkg: acpiview: GTDT: Add error-checking in the parsing logic
  ShellPkg: acpiview: DBG2: Add error-checking in the parsing logic

 ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.c | 26 +-
 ShellPkg/Library/UefiShellAcpiViewCommandLib/AcpiParser.h | 8 +-
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Dbg2/Dbg2Parser.c | 298 +++++++++-----
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Fadt/FadtParser.c | 131 +++---
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Gtdt/GtdtParser.c | 294 ++++++++------
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Iort/IortParser.c | 419 +++++++++++++-------
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c | 187 ++++-----
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Pptt/PpttParser.c | 95 ++++-
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Rsdp/RsdpParser.c | 144 ++++---
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Slit/SlitParser.c | 115 ++++--
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Spcr/SpcrParser.c | 98 ++---
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Srat/SratParser.c | 113 +++---
 ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Xsdt/XsdtParser.c | 22 +-
 13 files changed, 1150 insertions(+), 800 deletions(-)

--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
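
The zero-length and oversized-'Length' cases listed in the cover letter (items 1 and 3), shown on a generic walk over Type/Length sub-structures. This is an added example, not code from the patchset or from edk2: the function, enum and sample names are hypothetical, and the byte arrays are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names for this example; not edk2 identifiers. */
enum walk_status {
    WALK_OK = 0,
    WALK_TRUNCATED_HEADER,  /* fewer bytes left than a Type/Length header */
    WALK_LENGTH_TOO_SMALL,  /* Length of 0 would never advance the offset */
    WALK_OVERRUN            /* Length runs past the end of the buffer */
};

#define SUB_HDR_SIZE 2u /* 1-byte Type + 1-byte Length, as in MADT/SRAT entries */

/* Walk Type/Length structures in buf[0..buf_len). *count receives the number
 * of structures fully validated before the walk stopped. */
static enum walk_status walk_substructures(const uint8_t *buf, size_t buf_len,
                                           size_t *count)
{
    size_t offset = 0;
    *count = 0;
    while (offset < buf_len) {
        size_t remaining = buf_len - offset;
        if (remaining < SUB_HDR_SIZE)
            return WALK_TRUNCATED_HEADER; /* do not read Length out of bounds */
        size_t length = buf[offset + 1];
        if (length < SUB_HDR_SIZE)
            return WALK_LENGTH_TOO_SMALL; /* stops the infinite-loop case */
        if (length > remaining)
            return WALK_OVERRUN;          /* stops the buffer-overrun case */
        (*count)++;
        offset += length;
    }
    return WALK_OK;
}

/* Constructed sample buffers: {Type, Length, payload...} */
static const uint8_t sample_ok[]      = { 0x00, 0x04, 0xAA, 0xBB, 0x01, 0x03, 0xCC };
static const uint8_t sample_zero[]    = { 0x00, 0x04, 0xAA, 0xBB, 0x01, 0x00, 0xCC };
static const uint8_t sample_overrun[] = { 0x00, 0x04, 0xAA, 0xBB, 0x01, 0x09, 0xCC };
static const uint8_t sample_trunc[]   = { 0x00, 0x04, 0xAA, 0xBB, 0x01 };

int main(void)
{
    size_t n;
    printf("ok=%d\n", walk_substructures(sample_ok, sizeof sample_ok, &n));
    printf("zero=%d\n", walk_substructures(sample_zero, sizeof sample_zero, &n));
    printf("overrun=%d\n", walk_substructures(sample_overrun, sizeof sample_overrun, &n));
    printf("trunc=%d\n", walk_substructures(sample_trunc, sizeof sample_trunc, &n));
    return 0;
}
```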