sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Change BufferSize from UINTN * to UINTN to eliminate pointer to pointer in SmmCore for security consideration.

Browse Source 
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10299 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
jyao1
2010-03-21 04:17:16 +00:00
parent 59a4bd4037
commit ab780ebf90
3 changed files with 14 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
View File

@@ -276,19 +276,19 @@ SmmEntryPoint (
// Synchronous SMI for SMM Core or request from Communicate protocol
//
CommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *)gSmmCorePrivate->CommunicationBuffer;
*gSmmCorePrivate->BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
gSmmCorePrivate->BufferSize -= OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
Status = SmiManage (
&CommunicateHeader->HeaderGuid,
NULL,
CommunicateHeader->Data,
gSmmCorePrivate->BufferSize
&gSmmCorePrivate->BufferSize
);
//
// Update CommunicationBuffer, BufferSize and ReturnStatus
// Communicate service finished, reset the pointer to CommBuffer to NULL
//
*gSmmCorePrivate->BufferSize += OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
gSmmCorePrivate->BufferSize += OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data);
gSmmCorePrivate->CommunicationBuffer = NULL;
gSmmCorePrivate->ReturnStatus = (Status == EFI_WARN_INTERRUPT_SOURCE_QUIESCED) ? EFI_SUCCESS : EFI_NOT_FOUND;
} else {