devel@edk2.groups.io | [edk2-platforms][PATCH v3 06/11] Ext4Pkg: Corrects integer overflow check logic in DiskUtil

Home Messages Hashtags Subgroups Calendar

Date Date 1 - 4 of 4

[edk2-platforms][PATCH v3 06/11] Ext4Pkg: Corrects integer overflow check logic in DiskUtil

Savva Mitrofanov #99141 Corrects multiplication overflow check code Cc: Marvin Häuser <mhaeuser@...> Cc: Pedro Falcato <pedro.falcato@...> Cc: Vitaly Cheptsov <vit9696@...> Fixes: d9ceedca6c8f ("Ext4Pkg: Add Ext4Dxe driver.") Signed-off-by: Savva Mitrofanov <savvamtr@...> --- Features/Ext4Pkg/Ext4Pkg.dsc \| 2 +- Features/Ext4Pkg/Ext4Dxe/DiskUtil.c \| 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Features/Ext4Pkg/Ext4Pkg.dsc b/Features/Ext4Pkg/Ext4Pkg.dsc index 59bc327ebf6e..621c63eaf92d 100644 --- a/Features/Ext4Pkg/Ext4Pkg.dsc +++ b/Features/Ext4Pkg/Ext4Pkg.dsc @@ -46,7 +46,7 @@ DevicePathLib\|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf OrderedCollectionLib\|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf BaseUcs2Utf8Lib\|RedfishPkg/Library/BaseUcs2Utf8Lib/BaseUcs2Utf8Lib.inf - + # # Required for stack protector support # diff --git a/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c b/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c index 32da35f7d9f5..c4af956da926 100644 --- a/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c +++ b/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c @@ -60,11 +60,11 @@ Ext4ReadBlocks ( // Check for overflow on the block -> byte conversions. // Partition->BlockSize is never 0, so we don't need to check for that. - if (Offset > DivU64x32 ((UINT64)-1, Partition->BlockSize)) { + if ((NumberBlocks != 0) && (DivU64x64Remainder (Offset, BlockNumber, NULL) != Partition->BlockSize)) { return EFI_INVALID_PARAMETER; } - if (Length > (UINTN)-1/Partition->BlockSize) { + if ((NumberBlocks != 0) && (Length / NumberBlocks != Partition->BlockSize)) { return EFI_INVALID_PARAMETER; } @@ -94,12 +94,12 @@ Ext4AllocAndReadBlocks ( Length = NumberBlocks * Partition->BlockSize; - if (Length > (UINTN)-1/Partition->BlockSize) { + // Check for integer overflow + if ((NumberBlocks != 0) && (Length / NumberBlocks != Partition->BlockSize)) { return NULL; } Buf = AllocatePool (Length); - if (Buf == NULL) { return NULL; } -- 2.39.0
More All Messages By This Member
Pedro Falcato #99168 On Fri, Jan 27, 2023 at 9:29 AM Savva Mitrofanov <savvamtr@...> wrote: Corrects multiplication overflow check code Cc: Marvin Häuser <mhaeuser@...> Cc: Pedro Falcato <pedro.falcato@...> Cc: Vitaly Cheptsov <vit9696@...> Fixes: d9ceedca6c8f ("Ext4Pkg: Add Ext4Dxe driver.") Signed-off-by: Savva Mitrofanov <savvamtr@...> --- Features/Ext4Pkg/Ext4Pkg.dsc \| 2 +- Features/Ext4Pkg/Ext4Dxe/DiskUtil.c \| 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Features/Ext4Pkg/Ext4Pkg.dsc b/Features/Ext4Pkg/Ext4Pkg.dsc index 59bc327ebf6e..621c63eaf92d 100644 --- a/Features/Ext4Pkg/Ext4Pkg.dsc +++ b/Features/Ext4Pkg/Ext4Pkg.dsc @@ -46,7 +46,7 @@ DevicePathLib\|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf OrderedCollectionLib\|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf BaseUcs2Utf8Lib\|RedfishPkg/Library/BaseUcs2Utf8Lib/BaseUcs2Utf8Lib.inf - + Why this whitespace change? # # Required for stack protector support # diff --git a/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c b/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c index 32da35f7d9f5..c4af956da926 100644 --- a/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c +++ b/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c @@ -60,11 +60,11 @@ Ext4ReadBlocks ( // Check for overflow on the block -> byte conversions. // Partition->BlockSize is never 0, so we don't need to check for that. - if (Offset > DivU64x32 ((UINT64)-1, Partition->BlockSize)) { + if ((NumberBlocks != 0) && (DivU64x64Remainder (Offset, BlockNumber, NULL) != Partition->BlockSize)) { return EFI_INVALID_PARAMETER; } - if (Length > (UINTN)-1/Partition->BlockSize) { + if ((NumberBlocks != 0) && (Length / NumberBlocks != Partition->BlockSize)) { return EFI_INVALID_PARAMETER; } @@ -94,12 +94,12 @@ Ext4AllocAndReadBlocks ( Length = NumberBlocks * Partition->BlockSize; - if (Length > (UINTN)-1/Partition->BlockSize) { + // Check for integer overflow + if ((NumberBlocks != 0) && (Length / NumberBlocks != Partition->BlockSize)) { return NULL; } Buf = AllocatePool (Length); - if (Buf == NULL) { return NULL; } -- 2.39.0 I don't really like open coding this, but it does fix my buggy checks. In the interest of not adding a new overengineered safe int library, Reviewed-by: Pedro Falcato <pedro.falcato@...> -- Pedro
More All Messages By This Member
Savva Mitrofanov #99179 Why this whitespace change? Seems code formatter just removed trailing space. If you want so, I can drop this change in v4. On 27 Jan 2023, at 20:24, Pedro Falcato <pedro.falcato@...> wrote: On Fri, Jan 27, 2023 at 9:29 AM Savva Mitrofanov <savvamtr@...> wrote: Corrects multiplication overflow check code Cc: Marvin Häuser <mhaeuser@...> Cc: Pedro Falcato <pedro.falcato@...> Cc: Vitaly Cheptsov <vit9696@...> Fixes: d9ceedca6c8f ("Ext4Pkg: Add Ext4Dxe driver.") Signed-off-by: Savva Mitrofanov <savvamtr@...> --- Features/Ext4Pkg/Ext4Pkg.dsc \| 2 +- Features/Ext4Pkg/Ext4Dxe/DiskUtil.c \| 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Features/Ext4Pkg/Ext4Pkg.dsc b/Features/Ext4Pkg/Ext4Pkg.dsc index 59bc327ebf6e..621c63eaf92d 100644 --- a/Features/Ext4Pkg/Ext4Pkg.dsc +++ b/Features/Ext4Pkg/Ext4Pkg.dsc @@ -46,7 +46,7 @@ DevicePathLib\|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf OrderedCollectionLib\|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf BaseUcs2Utf8Lib\|RedfishPkg/Library/BaseUcs2Utf8Lib/BaseUcs2Utf8Lib.inf - + Why this whitespace change? # # Required for stack protector support # diff --git a/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c b/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c index 32da35f7d9f5..c4af956da926 100644 --- a/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c +++ b/Features/Ext4Pkg/Ext4Dxe/DiskUtil.c @@ -60,11 +60,11 @@ Ext4ReadBlocks ( // Check for overflow on the block -> byte conversions. // Partition->BlockSize is never 0, so we don't need to check for that. - if (Offset > DivU64x32 ((UINT64)-1, Partition->BlockSize)) { + if ((NumberBlocks != 0) && (DivU64x64Remainder (Offset, BlockNumber, NULL) != Partition->BlockSize)) { return EFI_INVALID_PARAMETER; } - if (Length > (UINTN)-1/Partition->BlockSize) { + if ((NumberBlocks != 0) && (Length / NumberBlocks != Partition->BlockSize)) { return EFI_INVALID_PARAMETER; } @@ -94,12 +94,12 @@ Ext4AllocAndReadBlocks ( Length = NumberBlocks * Partition->BlockSize; - if (Length > (UINTN)-1/Partition->BlockSize) { + // Check for integer overflow + if ((NumberBlocks != 0) && (Length / NumberBlocks != Partition->BlockSize)) { return NULL; } Buf = AllocatePool (Length); - if (Buf == NULL) { return NULL; } -- 2.39.0 I don't really like open coding this, but it does fix my buggy checks. In the interest of not adding a new overengineered safe int library, Reviewed-by: Pedro Falcato <pedro.falcato@...> -- Pedro
More All Messages By This Member
Pedro Falcato #99181 On Fri, Jan 27, 2023 at 4:10 PM Savva Mitrofanov <savvamtr@...> wrote: Why this whitespace change? Seems code formatter just removed trailing space. If you want so, I can drop this change in v4. No need, I just couldn't see what changed here :) No trailing space = good. -- Pedro
More All Messages By This Member

1 - 4 of 4

1

Previous Topic Next Topic

Home Hashtags Subgroups Calendar About Features Pricing Updates Terms Help Twitter