edk2[16439] MdeModulePkg Variable: Add missing warning annotation.

vanjeff Tue, 25 Nov 2014 00:14:21 -0800

Revision: 16439
          http://sourceforge.net/p/edk2/code/16439
Author:   vanjeff
Date:     2014-11-25 08:12:37 +0000 (Tue, 25 Nov 2014)
Log Message:
-----------
MdeModulePkg Variable: Add missing warning annotation.


Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <[email protected]>
Reviewed-by: Jiewen Yao <[email protected]>

(Sync patch r16401 from main trunk.)

Revision Links:
--------------
    http://sourceforge.net/p/edk2/code/16401

Modified Paths:
--------------
    branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
    
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
    
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni
    
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
    
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
    
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni

Modified: 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
===================================================================
--- branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c  
2014-11-25 07:36:56 UTC (rev 16438)
+++ branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c  
2014-11-25 08:12:37 UTC (rev 16439)
@@ -3,6 +3,17 @@
   The common variable operation routines shared by DXE_RUNTIME variable 
   module and DXE_SMM variable module.
   
+  Caution: This module requires additional review when modified.
+  This driver will have external input - variable data. They may be input in 
SMM mode.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  VariableServiceGetNextVariableName () and VariableServiceQueryVariableInfo() 
are external API.
+  They need check input parameter.
+
+  VariableServiceGetVariable() and VariableServiceSetVariable() are external 
API
+  to receive datasize and data buffer. The size should be checked carefully.
+
 Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials                          
 are licensed and made available under the terms and conditions of the BSD 
License         
@@ -2276,6 +2287,10 @@
 
   This code finds variable in storage blocks (Volatile or Non-Volatile).
 
+  Caution: This function may receive untrusted input.
+  This function may be invoked in SMM mode, and datasize is external input.
+  This function will do basic validation, before parse the data.
+
   @param VariableName               Name of Variable to be found.
   @param VendorGuid                 Variable vendor GUID.
   @param Attributes                 Attribute value of the variable found.
@@ -2353,6 +2368,9 @@
 
   This code Finds the Next available variable.
 
+  Caution: This function may receive untrusted input.
+  This function may be invoked in SMM mode. This function will do basic 
validation, before parse the data.
+
   @param VariableNameSize           Size of the variable name.
   @param VariableName               Pointer to variable name.
   @param VendorGuid                 Variable Vendor Guid.
@@ -2515,6 +2533,10 @@
 
   This code sets variable in storage blocks (Volatile or Non-Volatile).
 
+  Caution: This function may receive untrusted input.
+  This function may be invoked in SMM mode, and datasize and data are external 
input.
+  This function will do basic validation, before parse the data.
+
   @param VariableName                     Name of Variable to be found.
   @param VendorGuid                       Variable vendor GUID.
   @param Attributes                       Attribute value of the variable found
@@ -2686,6 +2708,9 @@
 
   This code returns information about the EFI variables.
 
+  Caution: This function may receive untrusted input.
+  This function may be invoked in SMM mode. This function will do basic 
validation, before parse the data.
+
   @param Attributes                     Attributes bitmask to specify the type 
of variables
                                         on which to return information.
   @param MaximumVariableStorageSize     Pointer to the maximum size of the 
storage space available
@@ -2839,6 +2864,9 @@
 
   This code returns information about the EFI variables.
 
+  Caution: This function may receive untrusted input.
+  This function may be invoked in SMM mode. This function will do basic 
validation, before parse the data.
+
   @param Attributes                     Attributes bitmask to specify the type 
of variables
                                         on which to return information.
   @param MaximumVariableStorageSize     Pointer to the maximum size of the 
storage space available
@@ -2910,7 +2938,10 @@
 
 /**
   This function reclaims variable storage if free size is below the threshold.
-  
+
+  Caution: This function may be invoked at SMM mode.
+  Care must be taken to make sure not security issue.
+
 **/
 VOID
 ReclaimForOS(

Modified: 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
===================================================================
--- 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
      2014-11-25 07:36:56 UTC (rev 16438)
+++ 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
      2014-11-25 08:12:37 UTC (rev 16439)
@@ -3,6 +3,11 @@
 #
 # It provides four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, 
GetNextVariableName and QueryVariableInfo.
 #
+#  Caution: This module requires additional review when modified.
+#  This driver will have external input - variable data.
+#  This external input must be validated carefully to avoid security issues 
such as
+#  buffer overflow or integer overflow.
+#
 # Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
 #
 #  This program and the accompanying materials

Modified: 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni
===================================================================
--- 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni
      2014-11-25 07:36:56 UTC (rev 16438)
+++ 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni
      2014-11-25 08:12:37 UTC (rev 16439)
@@ -8,6 +8,18 @@
  ++++++  Modified: 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
===================================================================
--- 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
     2014-11-25 07:36:56 UTC (rev 16438)
+++ 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
     2014-11-25 08:12:37 UTC (rev 16439)
@@ -4,6 +4,16 @@
   and volatile storage space and install variable architecture protocol
   based on SMM variable module.
 
+  Caution: This module requires additional review when modified.
+  This driver will have external input - variable data.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  RuntimeServiceGetVariable() and RuntimeServiceSetVariable() are external API
+  to receive data buffer. The size should be checked carefully.
+
+  InitCommunicateBuffer() is really function to check the variable data size.
+
 Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials                          
 are licensed and made available under the terms and conditions of the BSD 
License         
@@ -97,6 +107,9 @@
   The communicate size is: SMM_COMMUNICATE_HEADER_SIZE + 
SMM_VARIABLE_COMMUNICATE_HEADER_SIZE +
   DataSize.
 
+  Caution: This function may receive untrusted input.
+  The data size external input, so this function will validate it carefully to 
avoid buffer overflow.
+
   @param[out]      DataPtr          Points to the data in the communicate 
buffer.
   @param[in]       DataSize         The data size to send to SMM.
   @param[in]       Function         The function number to initialize the 
communicate header.
@@ -234,6 +247,9 @@
 /**
   This code finds variable in storage blocks (Volatile or Non-Volatile).
 
+  Caution: This function may receive untrusted input.
+  The data size is external input, so this function will validate it carefully 
to avoid buffer overflow.
+
   @param[in]      VariableName       Name of Variable to be found.
   @param[in]      VendorGuid         Variable vendor GUID.
   @param[out]     Attributes         Attribute value of the variable found.
@@ -453,6 +469,9 @@
 /**
   This code sets variable in storage blocks (Volatile or Non-Volatile).
 
+  Caution: This function may receive untrusted input.
+  The data size and data are external input, so this function will validate it 
carefully to avoid buffer overflow.
+
   @param[in] VariableName                 Name of Variable to be found.
   @param[in] VendorGuid                   Variable vendor GUID.
   @param[in] Attributes                   Attribute value of the variable found

Modified: 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
===================================================================
--- 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
   2014-11-25 07:36:56 UTC (rev 16438)
+++ 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
   2014-11-25 08:12:37 UTC (rev 16439)
@@ -5,6 +5,11 @@
 #  four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName 
and QueryVariableInfo
 #  and works with SMM variable module together.
 #
+#  Caution: This module requires additional review when modified.
+#  This driver will have external input - variable data.
+#  This external input must be validated carefully to avoid security issues 
such as
+#  buffer overflow or integer overflow.
+#
 # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
 #
 #  This program and the accompanying materials

Modified: 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni
===================================================================
--- 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni
   2014-11-25 07:36:56 UTC (rev 16438)
+++ 
branches/UDK2014.SP1/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni
   2014-11-25 08:12:37 UTC (rev 16439)
@@ -12,6 +12,16 @@
  +++++  

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits

edk2[16439] MdeModulePkg Variable: Add missing warning annotation.

Reply via email to