Yes. I will add those information. Thanks!
> -----Original Message----- > From: Zeng, Star > Sent: Wednesday, October 17, 2018 4:45 PM > To: Gao, Liming <[email protected]>; [email protected] > Cc: Zeng, Star <[email protected]> > Subject: RE: [edk2] [Patch] MdeModulePkg BrotliDecompressLib: Add the checker > to avoid array out of bound > > Liming, > > They are reported by some static analysis tool, right? > I think you add some information about it in the commit log. You can do that > when pushing the patch. > > Thanks, > Star > -----Original Message----- > From: Zeng, Star > Sent: Wednesday, October 17, 2018 4:43 PM > To: Gao, Liming <[email protected]>; [email protected] > Cc: Zeng, Star <[email protected]> > Subject: RE: [edk2] [Patch] MdeModulePkg BrotliDecompressLib: Add the checker > to avoid array out of bound > > Reviewed-by: Star Zeng <[email protected]> > > > Thanks, > Star > -----Original Message----- > From: edk2-devel [mailto:[email protected]] On Behalf Of Liming > Gao > Sent: Tuesday, October 16, 2018 3:27 PM > To: [email protected] > Subject: [edk2] [Patch] MdeModulePkg BrotliDecompressLib: Add the checker to > avoid array out of bound > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Liming Gao <[email protected]> > --- > MdeModulePkg/Library/BrotliCustomDecompressLib/dec/decode.c | 13 > ++++++++----- > 1 file changed, 8 insertions(+), 5 deletions(-) > > diff --git a/MdeModulePkg/Library/BrotliCustomDecompressLib/dec/decode.c > b/MdeModulePkg/Library/BrotliCustomDecompressLib/dec/decode.c > index fd42b3b..f3b3cb8 100644 > --- a/MdeModulePkg/Library/BrotliCustomDecompressLib/dec/decode.c > +++ b/MdeModulePkg/Library/BrotliCustomDecompressLib/dec/decode.c > @@ -858,6 +858,7 @@ static BROTLI_INLINE uint32_t ReadBlockLength(const > HuffmanCode* table, > uint32_t code; > uint32_t nbits; > code = ReadSymbol(table, br); > + ASSERT (code < BROTLI_NUM_BLOCK_LEN_SYMBOLS); > nbits = kBlockLengthPrefixCode[code].nbits; /* nbits == 2..24 */ > return kBlockLengthPrefixCode[code].offset + BrotliReadBits(br, nbits); } > @@ -910,6 +911,7 @@ static BROTLI_NOINLINE void > InverseMoveToFrontTransform( > uint32_t upper_bound = state->mtf_upper_bound; > uint32_t* mtf = &state->mtf[1]; /* Make mtf[-1] addressable. */ > uint8_t* mtf_u8 = (uint8_t*)mtf; > + uint8_t* mtf_u8t = mtf_u8 - 1; > /* Load endian-aware constant. */ > const uint8_t b0123[4] = {0, 1, 2, 3}; > uint32_t pattern; > @@ -928,13 +930,13 @@ static BROTLI_NOINLINE void InverseMoveToFrontTransform( > for (i = 0; i < v_len; ++i) { > int index = v[i]; > uint8_t value = mtf_u8[index]; > - upper_bound |= v[i]; > + upper_bound |= (uint32_t) v[i]; > v[i] = value; > - mtf_u8[-1] = value; > - do { > + mtf_u8t[0] = value; > + while (index >= 0) { > + mtf_u8t[index + 1] = mtf_u8t[index]; > index--; > - mtf_u8[index + 1] = mtf_u8[index]; > - } while (index >= 0); > + } > } > /* Remember amount of elements to be reinitialized. */ > state->mtf_upper_bound = upper_bound >> 2; @@ -1566,6 +1568,7 @@ static > BROTLI_INLINE BROTLI_BOOL > ReadCommandInternal( > BrotliBitReaderState memento; > if (!safe) { > cmd_code = ReadSymbol(s->htree_command, br); > + ASSERT (cmd_code < BROTLI_NUM_COMMAND_SYMBOLS); > } else { > BrotliBitReaderSaveState(br, &memento); > if (!SafeReadSymbol(s->htree_command, br, &cmd_code)) { > -- > 2.10.0.windows.1 > > _______________________________________________ > edk2-devel mailing list > [email protected] > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
