MdeModulePkg/Core: Fix potential array overflow
In the method DumpGuardedMemoryBitmap() and SetAllGuardPages(), the code didn't check if the global mMapLevel is legal value or not, which leaves a logic hole causing potential array overflow in code followed. This patch adds sanity check before any array reference in those methods. Cc: Wu Hao <hao.a.wu@intel.com> Cc: Star Zeng <star.zeng@intel.com> Cc: Eric Dong <eric.dong@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Wu Hao <hao.a.wu@intel.com>
This commit is contained in:
@@ -1110,7 +1110,9 @@ DumpGuardedMemoryBitmap (
|
||||
CHAR8 *Ruler1;
|
||||
CHAR8 *Ruler2;
|
||||
|
||||
if (mGuardedMemoryMap == 0) {
|
||||
if (mGuardedMemoryMap == 0 ||
|
||||
mMapLevel == 0 ||
|
||||
mMapLevel > GUARDED_HEAP_MAP_TABLE_DEPTH) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user