[Bug 3512] New: Pointer size mismatch in EvacuateTempRam()



Bug ID: 3512
Summary: Pointer size mismatch in EvacuateTempRam()
Product: EDK2
Version: Current
Hardware: All
OS: All
Severity: normal
Priority: Lowest
Component: Code
Assignee: unassigned@tianocore.org
Reporter: terry.lee@hpe.com
CC: edk2+bugs+int+994+563148131503455288@groups.io

The EvacuateTempRam() function in MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c
uses local pointer variables (MigratedFvHeader and RawDataFvHeader) allocated
from the stack. In 32-bit PEI environments, the pointer variables would be 32
bits in size. The pointers are used as output parameters for calling
PeiServicesAllocatePages(), which expects 64-bit output buffer of type
EFI_PHYSICAL_ADDRESS. When PeiServicesAllocatePages() writes to the output
buffer, data overflow results. Depending on the compiler allocation of the
pointer variable addresses, the data overflow could results in immediate boot

You are receiving this mail because:
You are on the CC list for the bug.