diff options
Diffstat (limited to 'patches/edk2/0002-MdeModulePkg-NonDiscoverable-fix-memory-override-bug.patch')
-rw-r--r-- | patches/edk2/0002-MdeModulePkg-NonDiscoverable-fix-memory-override-bug.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/patches/edk2/0002-MdeModulePkg-NonDiscoverable-fix-memory-override-bug.patch b/patches/edk2/0002-MdeModulePkg-NonDiscoverable-fix-memory-override-bug.patch deleted file mode 100644 index bd48545..0000000 --- a/patches/edk2/0002-MdeModulePkg-NonDiscoverable-fix-memory-override-bug.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 710d9e69fae6753a1a826aa18dd37bcadd3e0c3e Mon Sep 17 00:00:00 2001 -From: Heyi Guo <heyi.guo@linaro.org> -Date: Mon, 30 Oct 2017 13:47:52 +0800 -Subject: [PATCH] MdeModulePkg/NonDiscoverable: fix memory override bug - -For PciIoPciRead interface, memory prior to Buffer would be written -with zeros if Offset was larger than sizeof (Dev->ConfigSpace), which -would cause serious system exception. - -So we add a pre-check branch to avoid memory override. - -Cc: Star Zeng <star.zeng@intel.com> -Cc: Eric Dong <eric.dong@intel.com> -Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> -Cc: Ruiyu Ni <ruiyu.ni@intel.com> -Contributed-under: TianoCore Contribution Agreement 1.1 -Signed-off-by: Heyi Guo <heyi.guo@linaro.org> -Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> ---- - .../Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c -index c836ad6a91..0e42ae4bf6 100644 ---- a/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c -+++ b/MdeModulePkg/Bus/Pci/NonDiscoverablePciDeviceDxe/NonDiscoverablePciDeviceIo.c -@@ -465,6 +465,11 @@ PciIoPciRead ( - Address = (UINT8 *)&Dev->ConfigSpace + Offset;
- Length = Count << ((UINTN)Width & 0x3);
-
-+ if (Offset >= sizeof (Dev->ConfigSpace)) {
-+ ZeroMem (Buffer, Length);
-+ return EFI_SUCCESS;
-+ }
-+
- if (Offset + Length > sizeof (Dev->ConfigSpace)) {
- //
- // Read all zeroes for config space accesses beyond the first
--- -2.11.0 - |