From: Hao Wu <hao.a.wu@intel.com>
Date: Wed, 22 Mar 2017 02:08:55 +0000 (+0800)
Subject: MdeModulePkg/DxeCore: Add ASSERT to ensure no subtract underflow
X-Git-Tag: edk2-stable201903~4158
X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=1860cb00c18c6f0c58336ea15a63889dabd31d15

MdeModulePkg/DxeCore: Add ASSERT to ensure no subtract underflow

For function SplitRecord() in file PropertiesTable.c, there is a
potential subtract underflow case for line:

  return TotalNewRecordCount - 1;

However, such case will not happen since the logic in function
SplitTable() ensure that when calling SplitRecord(), the variable
'TotalNewRecordCount' will not be zero when performing the subtraction.
It will be handled in the previous if statement:

  if (MaxSplitRecordCount == 0) {
    CopyMem (NewRecord, OldRecord, DescriptorSize);
    return 0;
  }

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
---

diff --git a/MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c b/MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c
index e7c4a95712..6cf5edcbe5 100644
--- a/MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c
+++ b/MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c
@@ -576,6 +576,11 @@ SplitRecord (
     TempRecord.NumberOfPages = EfiSizeToPages (PhysicalEnd - PhysicalStart);
   } while ((ImageRecord != NULL) && (PhysicalStart < PhysicalEnd));
 
+  //
+  // The logic in function SplitTable() ensures that TotalNewRecordCount will not be zero if the
+  // code reaches here.
+  //
+  ASSERT (TotalNewRecordCount != 0);
   return TotalNewRecordCount - 1;
 }