87acb6e298e718250dd8b741b6888a3a54c7cb5a
Current code not check the CommunicationBuffer size before use it. Attacker can read beyond the end of the (untrusted) commbuffer into controlled memory. Attacker can get access outside of valid SMM memory regions. This patch add check before use it. bugz: https://bugzilla.tianocore.org/show_bug.cgi?id=198 Cc: Yao Jiewen <jiewen.yao@intel.com> Cc: Wu Hao <hao.a.wu@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Description
Languages
C
82.2%
Python
10.3%
Assembly
3.4%
Rich Text Format
1.8%
C++
0.7%
Other
1.2%