MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578)
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3387 Added use of SafeIntLib to validate values are not causing overflows or underflows in user controlled values when calculating buffer sizes. Signed-off-by: Miki Demeter <miki.demeter@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
This commit is contained in:
committed by
mergify[bot]
parent
c46204e25f
commit
cab1f02565
@@ -54,6 +54,7 @@
|
||||
#include <Library/PerformanceLib.h>
|
||||
#include <Library/HobLib.h>
|
||||
#include <Library/SmmMemLib.h>
|
||||
#include <Library/SafeIntLib.h>
|
||||
|
||||
#include "PiSmmCorePrivateData.h"
|
||||
#include "HeapGuard.h"
|
||||
|
Reference in New Issue
Block a user