From: Star Zeng Date: Fri, 21 Mar 2014 01:16:07 +0000 (+0000) Subject: MdeModulePkg PCD: Fix PCD driver to return default data if size mismatch. X-Git-Tag: edk2-stable201903~11617 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=553e86699d00ac8b7016fdfcb7fb747e89a1862d MdeModulePkg PCD: Fix PCD driver to return default data if size mismatch. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng Reviewed-by: Liming Gao git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15357 6f19259b-4bc3-4df7-8a09-765794883524 --- diff --git a/MdeModulePkg/Universal/PCD/Dxe/Service.c b/MdeModulePkg/Universal/PCD/Dxe/Service.c index a9e1ca49a3..4cbf6dd209 100644 --- a/MdeModulePkg/Universal/PCD/Dxe/Service.c +++ b/MdeModulePkg/Universal/PCD/Dxe/Service.c @@ -1,7 +1,7 @@ /** @file Help functions used by PCD DXE driver. -Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -457,25 +457,33 @@ GetWorker ( // string array in string table. // StringTableIdx = *(STRING_HEAD*)((UINT8 *) PcdDb + VariableHead->DefaultValueOffset); - VaraiableDefaultBuffer = (VOID *) (StringTable + StringTableIdx); + VaraiableDefaultBuffer = (UINT8 *) (StringTable + StringTableIdx); } else { VaraiableDefaultBuffer = (UINT8 *) PcdDb + VariableHead->DefaultValueOffset; } Status = GetHiiVariable (Guid, Name, &Data, &DataSize); if (Status == EFI_SUCCESS) { - if (GetSize == 0) { + if (DataSize >= (VariableHead->Offset + GetSize)) { + if (GetSize == 0) { + // + // It is a pointer type. So get the MaxSize reserved for + // this PCD entry. + // + GetPtrTypeSize (TmpTokenNumber, &GetSize); + if (GetSize > (DataSize - VariableHead->Offset)) { + // + // Use actual valid size. + // + GetSize = DataSize - VariableHead->Offset; + } + } // - // It is a pointer type. So get the MaxSize reserved for - // this PCD entry. + // If the operation is successful, we copy the data + // to the default value buffer in the PCD Database. + // So that we can free the Data allocated in GetHiiVariable. // - GetPtrTypeSize (TmpTokenNumber, &GetSize); + CopyMem (VaraiableDefaultBuffer, Data + VariableHead->Offset, GetSize); } - // - // If the operation is successful, we copy the data - // to the default value buffer in the PCD Database. - // So that we can free the Data allocated in GetHiiVariable. - // - CopyMem (VaraiableDefaultBuffer, Data + VariableHead->Offset, GetSize); FreePool (Data); } RetPtr = (VOID *) VaraiableDefaultBuffer; diff --git a/MdeModulePkg/Universal/PCD/Pei/Service.c b/MdeModulePkg/Universal/PCD/Pei/Service.c index 4fb8b4a687..af40db8319 100644 --- a/MdeModulePkg/Universal/PCD/Pei/Service.c +++ b/MdeModulePkg/Universal/PCD/Pei/Service.c @@ -2,7 +2,7 @@ The driver internal functions are implmented here. They build Pei PCD database, and provide access service to PCD database. -Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -947,6 +947,7 @@ GetWorker ( PEI_PCD_DATABASE *PeiPcdDb; UINT32 LocalTokenNumber; UINT32 LocalTokenCount; + UINT8 *VaraiableDefaultBuffer; // // TokenNumber Zero is reserved as PCD_INVALID_TOKEN_NUMBER. @@ -986,20 +987,37 @@ GetWorker ( Guid = (EFI_GUID *) ((UINT8 *)PeiPcdDb + PeiPcdDb->GuidTableOffset) + VariableHead->GuidTableIndex; Name = (UINT16*)&StringTable[VariableHead->StringIndex]; - Status = GetHiiVariable (Guid, Name, &Data, &DataSize); - - if (Status == EFI_SUCCESS) { - return (VOID *) ((UINT8 *) Data + VariableHead->Offset); - } else { + if ((LocalTokenNumber & PCD_TYPE_ALL_SET) == (PCD_TYPE_HII|PCD_TYPE_STRING)) { // - // Return the default value specified by Platform Integrator + // If a HII type PCD's datum type is VOID*, the DefaultValueOffset is the index of + // string array in string table. // - if ((LocalTokenNumber & PCD_TYPE_ALL_SET) == (PCD_TYPE_HII|PCD_TYPE_STRING)) { - return (VOID*)&StringTable[*(STRING_HEAD*)((UINT8*)PeiPcdDb + VariableHead->DefaultValueOffset)]; - } else { - return (VOID *) ((UINT8 *) PeiPcdDb + VariableHead->DefaultValueOffset); + VaraiableDefaultBuffer = (UINT8 *) &StringTable[*(STRING_HEAD*)((UINT8*) PeiPcdDb + VariableHead->DefaultValueOffset)]; + } else { + VaraiableDefaultBuffer = (UINT8 *) PeiPcdDb + VariableHead->DefaultValueOffset; + } + Status = GetHiiVariable (Guid, Name, &Data, &DataSize); + if ((Status == EFI_SUCCESS) && (DataSize >= (VariableHead->Offset + GetSize))) { + if (GetSize == 0) { + // + // It is a pointer type. So get the MaxSize reserved for + // this PCD entry. + // + GetPtrTypeSize (TokenNumber, &GetSize, PeiPcdDb); + if (GetSize > (DataSize - VariableHead->Offset)) { + // + // Use actual valid size. + // + GetSize = DataSize - VariableHead->Offset; + } } + // + // If the operation is successful, we copy the data + // to the default value buffer in the PCD Database. + // + CopyMem (VaraiableDefaultBuffer, (UINT8 *) Data + VariableHead->Offset, GetSize); } + return (VOID *) VaraiableDefaultBuffer; } case PCD_TYPE_DATA: