Change BufferSize from UINTN * to UINTN to eliminate pointer to pointer in SmmCore for security consideration.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10299 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
jyao1
2010-03-21 04:17:16 +00:00
parent 59a4bd4037
commit ab780ebf90
3 changed files with 14 additions and 6 deletions

View File

@@ -210,8 +210,8 @@ SMM_CORE_PRIVATE_DATA mSmmCorePrivateData = {
FALSE, // SmmEntryPointRegistered
FALSE, // InSmm
NULL, // Smst
0, // BufferSize
NULL, // CommunicationBuffer
0, // BufferSize
EFI_SUCCESS // ReturnStatus
};
@@ -410,6 +410,13 @@ SmmCommunicationCommunicate (
return EFI_INVALID_PARAMETER;
}
//
// CommSize must hold HeaderGuid and MessageLength
//
if (*CommSize < OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)) {
return EFI_INVALID_PARAMETER;
}
//
// If not already in SMM, then generate a Software SMI
//
@@ -418,7 +425,7 @@ SmmCommunicationCommunicate (
// Put arguments for Software SMI in gSmmCorePrivate
//
gSmmCorePrivate->CommunicationBuffer = CommBuffer;
gSmmCorePrivate->BufferSize = CommSize;
gSmmCorePrivate->BufferSize = *CommSize;
//
// Generate Software SMI
@@ -431,6 +438,7 @@ SmmCommunicationCommunicate (
//
// Return status from software SMI
//
*CommSize = gSmmCorePrivate->BufferSize;
return gSmmCorePrivate->ReturnStatus;
}