Hi @Gerd Hoffmann
It's PR https://github.com/tianocore/edk2/pull/5298 if no more concern
received, will merge it tomorrow morning.
Thanks,
Gua
-----Original Message-----
From: Gerd Hoffmann <kra...@redhat.com>
Sent: Wednesday, January 24, 2024 8:48 PM
To: Guo, Gua <gua....@intel.com>
Cc: devel@edk2.groups.io; Ard Biesheuvel <ardb+tianoc...@kernel.org>; Mathews,
John <john.math...@intel.com>; Zimmer, Vincent <vincent.zim...@intel.com>; Sami
Mujawar <sami.muja...@arm.com>; jma...@redhat.com
Subject: Re: RE: [PATCH v3 0/4] Bz4166: Integer Overflow in CreateHob()
On Tue, Jan 23, 2024 at 03:16:32PM +0000, Guo, Gua wrote:
> For MdeModulePkg, I think no need to change because no any logic change.
>
> For StandaloneMmPkg and EmbeddedPkg
> - Don't have enough abilities to close Sami Mujawar and Ni Ray open
> currently, so hold on the change until I find how to introduce Panic. So give
> up these two packages patch currently.
On StandaloneMmPkg: I think the patch is fine, I've replied in that subthread.
On EmbeddedPkg: I think the BuildGuidDataHob() callsites need review whenever
they do:
(a) check the return value properly, or
(b) allocate a fixed size HOB so the new check in CreateHob() can't
fail.
take care,
Gerd
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#114370): https://edk2.groups.io/g/devel/message/114370
Mute This Topic: https://groups.io/mt/103675959/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
