Branch: refs/heads/master Home: https://github.com/tianocore/edk2 Commit: cab1f02565d3b29081dd21afb074f35fdb4e1fd6 https://github.com/tianocore/edk2/commit/cab1f02565d3b29081dd21afb074f35fdb4e1fd6 Author: Miki Demeter <miki.deme...@intel.com> Date: 2022-11-04 (Fri, 04 Nov 2022)
Changed paths: M MdeModulePkg/Core/PiSmmCore/PiSmmCore.c M MdeModulePkg/Core/PiSmmCore/PiSmmCore.h M MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf M MdeModulePkg/Core/PiSmmCore/PiSmmIpl.c M MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf Log Message: ----------- MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578) REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3387 Added use of SafeIntLib to validate values are not causing overflows or underflows in user controlled values when calculating buffer sizes. Signed-off-by: Miki Demeter <miki.deme...@intel.com> Reviewed-by: Michael D Kinney <michael.d.kin...@intel.com> Cc: Jian J Wang <jian.j.w...@intel.com> Cc: Liming Gao <gaolim...@byosoft.com.cn> Reviewed-by: Liming Gao <gaolim...@byosoft.com.cn> _______________________________________________ edk2-commits mailing list edk2-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-commits