Modify the parsing logic to prevent reading past the MADT table buffer
length provided when parsing the Interrupt Controller Structure header.
Signed-off-by: Krzysztof Koch <krzysztof.k...@arm.com>
---
Notes:
v1:
- Prevent buffer overruns in MADT acpiview parser [Krzysztof]
ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c
b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c
index
d80ebd1a2bae7a4acffe687ca5ee7b4090f0e223..90bdafea1970db522e8ed96de7c6e986cdaca5ba
100644
--- a/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c
+++ b/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c
@@ -256,7 +256,7 @@ ParseAcpiMadt (
0,
NULL,
InterruptContollerPtr,
- 2, // Length is 1 byte at offset 1
+ AcpiTableLength - Offset,
PARSER_PARAMS (MadtInterruptControllerHeaderParser)
);
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#44755): https://edk2.groups.io/g/devel/message/44755
Mute This Topic: https://groups.io/mt/32676839/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
