[PATCH v2 0/3] OvmfPkg: Check arguments for validity


Dimitrije Pavlov
 

Some functions across OVMF don't check pointer arguments for
validity, which causes null pointer dereferences and crashes
in the SCT test suite.

This series adds checks to return EFI_INVALID_PARAMETER if a
pointer argument is NULL.

v2:
- Add Liming Gao to Cc [Ard]
- Turn individual patches into a series [Ard]
- Fix issue with corrupted patches [Ard]

Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Liming Gao <gaoliming@...>
Cc: Sunny Wang <Sunny.Wang@...>
Cc: Jeff Booher-Kaeding <Jeff.Booher-Kaeding@...>
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>

Dimitrije Pavlov (3):
OvmfPkg/PlatformDxe: Check ExtractConfig and RouteConfig arguments
OvmfPkg/VirtioGpuDxe: Check QueryMode arguments
OvmfPkg/VirtioFsDxe: Check GetDriverName arguments

OvmfPkg/PlatformDxe/Platform.c | 8 ++++++++
OvmfPkg/VirtioFsDxe/DriverBinding.c | 4 ++++
OvmfPkg/VirtioGpuDxe/Gop.c | 4 +++-
3 files changed, 15 insertions(+), 1 deletion(-)

--=20
2.37.2


Ard Biesheuvel
 

On Mon, 15 Aug 2022 at 18:31, Dimitrije Pavlov <dimitrije.pavlov@...> wrote:

Some functions across OVMF don't check pointer arguments for
validity, which causes null pointer dereferences and crashes
in the SCT test suite.

This series adds checks to return EFI_INVALID_PARAMETER if a
pointer argument is NULL.

v2:
- Add Liming Gao to Cc [Ard]
- Turn individual patches into a series [Ard]
- Fix issue with corrupted patches [Ard]

Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Liming Gao <gaoliming@...>
Cc: Sunny Wang <Sunny.Wang@...>
Cc: Jeff Booher-Kaeding <Jeff.Booher-Kaeding@...>
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>

Dimitrije Pavlov (3):
OvmfPkg/PlatformDxe: Check ExtractConfig and RouteConfig arguments
OvmfPkg/VirtioGpuDxe: Check QueryMode arguments
OvmfPkg/VirtioFsDxe: Check GetDriverName arguments
Thank you for the resend.

@Liming: these are all bug fixes that affect SCT results, so unless
there are any objections, I intend to merge these tomorrow (Tuesday).

Thanks,
Ard.


Sunny Wang
 

The series looks good to me.
Reviewed-by: Sunny Wang <sunny.wang@...>

-----Original Message-----
From: Dimitrije Pavlov <dimitrije.pavlov@...>
Sent: 15 August 2022 17:31
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb+tianocore@...>; Jiewen Yao <jiewen.yao@...>; Liming Gao <gaoliming@...>; Sunny Wang <Sunny.Wang@...>; Jeff Booher-Kaeding <Jeff.Booher-Kaeding@...>; Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Subject: [PATCH v2 0/3] OvmfPkg: Check arguments for validity

Some functions across OVMF don't check pointer arguments for
validity, which causes null pointer dereferences and crashes
in the SCT test suite.

This series adds checks to return EFI_INVALID_PARAMETER if a
pointer argument is NULL.

v2:
- Add Liming Gao to Cc [Ard]
- Turn individual patches into a series [Ard]
- Fix issue with corrupted patches [Ard]

Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Liming Gao <gaoliming@...>
Cc: Sunny Wang <Sunny.Wang@...>
Cc: Jeff Booher-Kaeding <Jeff.Booher-Kaeding@...>
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>

Dimitrije Pavlov (3):
OvmfPkg/PlatformDxe: Check ExtractConfig and RouteConfig arguments
OvmfPkg/VirtioGpuDxe: Check QueryMode arguments
OvmfPkg/VirtioFsDxe: Check GetDriverName arguments

OvmfPkg/PlatformDxe/Platform.c | 8 ++++++++
OvmfPkg/VirtioFsDxe/DriverBinding.c | 4 ++++
OvmfPkg/VirtioGpuDxe/Gop.c | 4 +++-
3 files changed, 15 insertions(+), 1 deletion(-)

--
2.37.2

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


Ard Biesheuvel
 

On Tue, 16 Aug 2022 at 13:39, Sunny Wang <Sunny.Wang@...> wrote:

The series looks good to me.
Reviewed-by: Sunny Wang <sunny.wang@...>

-----Original Message-----
From: Dimitrije Pavlov <dimitrije.pavlov@...>
Sent: 15 August 2022 17:31
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb+tianocore@...>; Jiewen Yao <jiewen.yao@...>; Liming Gao <gaoliming@...>; Sunny Wang <Sunny.Wang@...>; Jeff Booher-Kaeding <Jeff.Booher-Kaeding@...>; Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Subject: [PATCH v2 0/3] OvmfPkg: Check arguments for validity

Some functions across OVMF don't check pointer arguments for
validity, which causes null pointer dereferences and crashes
in the SCT test suite.

This series adds checks to return EFI_INVALID_PARAMETER if a
pointer argument is NULL.

v2:
- Add Liming Gao to Cc [Ard]
- Turn individual patches into a series [Ard]
- Fix issue with corrupted patches [Ard]

Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Liming Gao <gaoliming@...>
Cc: Sunny Wang <Sunny.Wang@...>
Cc: Jeff Booher-Kaeding <Jeff.Booher-Kaeding@...>
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>

Dimitrije Pavlov (3):
OvmfPkg/PlatformDxe: Check ExtractConfig and RouteConfig arguments
OvmfPkg/VirtioGpuDxe: Check QueryMode arguments
OvmfPkg/VirtioFsDxe: Check GetDriverName arguments
I tried to push these but they failed in CI.

Could you please have a look and respin with the reported issues
addressed? Thanks.

https://github.com/tianocore/edk2/pull/3211