Two very small comments are added below.
On 2018/9/21 15:25, Ruiyu Ni wrote:
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <[email protected]>
Cc: Star Zeng <[email protected]>
---
.../Bus/Pci/PciHostBridgeDxe/PciRootBridgeIo.c | 26 +++++++++++++++++-----
1 file changed, 21 insertions(+), 5 deletions(-)
diff --git a/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciRootBridgeIo.c
b/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciRootBridgeIo.c
index f8a1239ceb..0b6b56f846 100644
--- a/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciRootBridgeIo.c
+++ b/MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciRootBridgeIo.c
@@ -321,6 +321,7 @@ RootBridgeIoCheckParameter (
UINT64 Base;
UINT64 Limit;
UINT32 Size;
+ UINT64 Length;
//
// Check to see if Buffer is NULL
@@ -337,7 +338,7 @@ RootBridgeIoCheckParameter (
}
//
- // For FIFO type, the target address won't increase during the access,
+ // For FIFO type, the device address won't increase during the access,
// so treat Count as 1
//
if (Width >= EfiPciWidthFifoUint8 && Width <= EfiPciWidthFifoUint64) {
@@ -347,6 +348,13 @@ RootBridgeIoCheckParameter (
Width = (EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL_WIDTH) (Width & 0x03);
Size = 1 << Width;
+ //
+ // Make sure (Count * Size) doesn't exceed MAX_UINT64
+ //
+ if (Count > DivU64x32 (MAX_UINT64, Size)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
Mark as "Code Block 1".
//
// Check to see if Address is aligned
//
@@ -354,6 +362,14 @@ RootBridgeIoCheckParameter (
return EFI_UNSUPPORTED;
}
+ //
+ // Make sure (Address + Count * Size) doesn't exceed MAX_UINT64
+ //
+ Length = MultU64x32 (Count, Size);
+ if (Address > MAX_UINT64 - Length) {
+ return EFI_INVALID_PARAMETER;
+ }
+
Is there some reason this code block is not put together with the "Code
Block 1"? Both are checking integer overflow.
How about also enhancing the function description a little to add one
line for describing the overflow invalid parameter cases?
@retval EFI_INVALID_PARAMETER XXX.
or just updating the line below?
@retval EFI_UNSUPPORTED The address range specified by
Address, Width,
and Count is not valid for this PI system.
Thanks,
Star
RootBridge = ROOT_BRIDGE_FROM_THIS (This);
//
@@ -372,7 +388,7 @@ RootBridgeIoCheckParameter (
//
// Allow Legacy IO access
//
- if (Address + MultU64x32 (Count, Size) <= 0x1000) {
+ if (Address + Length <= 0x1000) {
if ((RootBridge->Attributes & (
EFI_PCI_ATTRIBUTE_ISA_IO | EFI_PCI_ATTRIBUTE_VGA_PALETTE_IO |
EFI_PCI_ATTRIBUTE_VGA_IO |
EFI_PCI_ATTRIBUTE_IDE_PRIMARY_IO |
EFI_PCI_ATTRIBUTE_IDE_SECONDARY_IO |
@@ -386,7 +402,7 @@ RootBridgeIoCheckParameter (
//
// Allow Legacy MMIO access
//
- if ((Address >= 0xA0000) && (Address + MultU64x32 (Count, Size)) <=
0xC0000) {
+ if ((Address >= 0xA0000) && (Address + Length) <= 0xC0000) {
if ((RootBridge->Attributes & EFI_PCI_ATTRIBUTE_VGA_MEMORY) != 0) {
return EFI_SUCCESS;
}
@@ -395,7 +411,7 @@ RootBridgeIoCheckParameter (
// By comparing the Address against Limit we know which range to be used
// for checking
//
- if (Address + MultU64x32 (Count, Size) <= RootBridge->Mem.Limit + 1) {
+ if (Address + Length <= RootBridge->Mem.Limit + 1) {
Base = RootBridge->Mem.Base;
Limit = RootBridge->Mem.Limit;
} else {
@@ -427,7 +443,7 @@ RootBridgeIoCheckParameter (
return EFI_INVALID_PARAMETER;
}
- if (Address + MultU64x32 (Count, Size) > Limit + 1) {
+ if (Address + Length > Limit + 1) {
return EFI_INVALID_PARAMETER;
}
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel
