Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: 48c53994e649d51a388dc414944c9a9b717a1c3c
https://github.com/tianocore/edk2/commit/48c53994e649d51a388dc414944c9a9b717a1c3c
Author: Ranbir Singh <rsi...@ventanamicro.com>
Date: 2023-05-30 (Tue, 30 May 2023)
Changed paths:
M IntelFsp2Pkg/Library/BaseFspCommonLib/FspCommonLib.c
Log Message:
-----------
IntelFsp2Pkg/Library/BaseFspCommonLib: Fix OVERRUN Coverity issue
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4200
FspData->PerfIdx is getting increased for every call unconditionally
in the function SetFspMeasurePoint and hence memory access can happen
for out of bound FspData->PerfData[] array entries also.
Example -
FspData->PerfData is an array of 32 UINT64 entries. Assume a call
is made to SetFspMeasurePoint function when the FspData->PerfIdx
last value is 31. It gets incremented to 32 at line 400.
Any subsequent call to SetFspMeasurePoint functions leads to
FspData->PerfData[32] getting accessed which is out of the PerfData
array as well as the FSP_GLOBAL_DATA structure boundary.
Hence keep array access and index increment inside if block only and
return invalid performance timestamp when PerfIdx is invalid.
Cc: Chasel Chiu <chasel.c...@intel.com>
Cc: Nate DeSimone <nathaniel.l.desim...@intel.com>
Cc: Star Zeng <star.z...@intel.com>
Signed-off-by: Ranbir Singh <rsi...@ventanamicro.com>
Acked-by: Pedro Falcato <pedro.falc...@gmail.com>
Reviewed-by: Chasel Chiu <chasel.c...@intel.com>
_______________________________________________
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
