MdeModulePkg DxeCore: Address boundary check for Type AllocateAddress

Check for Type AllocateAddress,
if NumberOfPages is 0 or
if (NumberOfPages << EFI_PAGE_SHIFT) is above MAX_ADDRESS or
if (Start + NumberOfBytes) rolls over 0 or
if Start is above MAX_ADDRESS or
if End is above MAX_ADDRESS,
return EFI_NOT_FOUND.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/Page.c
index 62738a187546a6f9e39aef1d41304074ef758eb8..2f4ff8ecfdab6fe22ed2baa8b1060bd31a1c8830 100644 (file)
--- a/MdeModulePkg/Core/Dxe/Mem/Page.c
+++ b/MdeModulePkg/Core/Dxe/Mem/Page.c
@@ -1201,6 +1201,8 @@ CoreInternalAllocatePages (
 {\r
   EFI_STATUS      Status;\r
   UINT64          Start;\r
 {\r
   EFI_STATUS      Status;\r
   UINT64          Start;\r

+  UINT64          NumberOfBytes;\r
+  UINT64          End;\r

   UINT64          MaxAddress;\r
   UINTN           Alignment;\r
 \r
   UINT64          MaxAddress;\r
   UINTN           Alignment;\r
 \r


@@ -1246,6 +1248,30 @@ CoreInternalAllocatePages (
   //\r
   MaxAddress = MAX_ADDRESS;\r
 \r
   //\r
   MaxAddress = MAX_ADDRESS;\r
 \r

+  //\r
+  // Check for Type AllocateAddress,\r
+  // if NumberOfPages is 0 or\r
+  // if (NumberOfPages << EFI_PAGE_SHIFT) is above MAX_ADDRESS or\r
+  // if (Start + NumberOfBytes) rolls over 0 or\r
+  // if Start is above MAX_ADDRESS or\r
+  // if End is above MAX_ADDRESS,\r
+  // return EFI_NOT_FOUND.\r
+  //\r
+  if (Type == AllocateAddress) {\r
+    if ((NumberOfPages == 0) ||\r
+        (NumberOfPages > RShiftU64 (MaxAddress, EFI_PAGE_SHIFT))) {\r
+      return EFI_NOT_FOUND;\r
+    }\r
+    NumberOfBytes = LShiftU64 (NumberOfPages, EFI_PAGE_SHIFT);\r
+    End = Start + NumberOfBytes - 1;\r
+\r
+    if ((Start >= End) ||\r
+        (Start > MaxAddress) || \r
+        (End > MaxAddress)) {\r
+      return EFI_NOT_FOUND;\r
+    }\r
+  }\r
+\r

   if (Type == AllocateMaxAddress) {\r
     MaxAddress = Start;\r
   }\r
   if (Type == AllocateMaxAddress) {\r
     MaxAddress = Start;\r
   }\r