On 1/3/24 14:09, Laszlo Ersek wrote:
> On 1/3/24 13:56, Laszlo Ersek wrote:
>
>> (8) Apologies if it was me who suggested ALIGN_VALUE() previously, but
>> this is, in effect, an unchecked addition. I can't off-hand see evidence
>> that it can never overflow (the previous checks don't seem to prevent an
>> overflow here), so I suggest:
>>
>> //
>> // the next variable header starts aligned at 4 bytes
>> //
>> Status = SafeUintnAdd (VarEnd, (4 - (VarEnd & 4)) & 4, &VarOffset);
>> if RETURN_ERROR (Status) {
>> DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__));
>> return EFI_NOT_FOUND;
>> }
>
> Heh, what I wrote is bogus. Man, binary is hard. :) So, let me try again:
>
> Status = SafeUintnAdd (VarEnd, (4 - (VarEnd & 3)) & 3, &VarOffset);
>
> Ideally, we'd have a SafeIntLib set of APIs for aligning up...
BTW the reason I messed it up was that I'm much more attracted to the
"%" operator, so initially I wrote it as
Status = SafeUintnAdd (VarEnd, (4 - (VarEnd % 4)) % 4, &VarOffset);
which was correct, but then I thought, from your code, that you probably
liked "&" more (and that "&" might be faster for the CPU...), and then I
"replaced" the "%" operator with "&", but forgot to replace the divisor
4 with the bitmask 3...
Laszlo
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113088): https://edk2.groups.io/g/devel/message/113088
Mute This Topic: https://groups.io/mt/103171811/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe:
https://edk2.groups.io/g/devel/leave/9847357/21656/1706620634/xyzzy
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
