From 18a7dbbc020f0aec63ae71d034f32617da1eec9e Mon Sep 17 00:00:00 2001 From: Star Zeng Date: Wed, 19 Nov 2014 01:08:23 +0000 Subject: [PATCH] MdeModulePkg Variable: Add missing warning annotation. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng Reviewed-by: Jiewen Yao git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16401 6f19259b-4bc3-4df7-8a09-765794883524 --- .../Universal/Variable/RuntimeDxe/Variable.c | 33 +++++++++++++++++- .../RuntimeDxe/VariableRuntimeDxe.inf | 5 +++ .../RuntimeDxe/VariableRuntimeDxe.uni | Bin 2070 -> 2588 bytes .../RuntimeDxe/VariableSmmRuntimeDxe.c | 19 ++++++++++ .../RuntimeDxe/VariableSmmRuntimeDxe.inf | 5 +++ .../RuntimeDxe/VariableSmmRuntimeDxe.uni | Bin 2508 -> 3018 bytes 6 files changed, 61 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index c66bdbf9fd..b545a05530 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -3,6 +3,17 @@ The common variable operation routines shared by DXE_RUNTIME variable module and DXE_SMM variable module. + Caution: This module requires additional review when modified. + This driver will have external input - variable data. They may be input in SMM mode. + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + VariableServiceGetNextVariableName () and VariableServiceQueryVariableInfo() are external API. + They need check input parameter. + + VariableServiceGetVariable() and VariableServiceSetVariable() are external API + to receive datasize and data buffer. The size should be checked carefully. + Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -2276,6 +2287,10 @@ VariableLockRequestToLock ( This code finds variable in storage blocks (Volatile or Non-Volatile). + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode, and datasize is external input. + This function will do basic validation, before parse the data. + @param VariableName Name of Variable to be found. @param VendorGuid Variable vendor GUID. @param Attributes Attribute value of the variable found. @@ -2353,6 +2368,9 @@ Done: This code Finds the Next available variable. + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode. This function will do basic validation, before parse the data. + @param VariableNameSize Size of the variable name. @param VariableName Pointer to variable name. @param VendorGuid Variable Vendor Guid. @@ -2515,6 +2533,10 @@ Done: This code sets variable in storage blocks (Volatile or Non-Volatile). + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode, and datasize and data are external input. + This function will do basic validation, before parse the data. + @param VariableName Name of Variable to be found. @param VendorGuid Variable vendor GUID. @param Attributes Attribute value of the variable found @@ -2686,6 +2708,9 @@ Done: This code returns information about the EFI variables. + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode. This function will do basic validation, before parse the data. + @param Attributes Attributes bitmask to specify the type of variables on which to return information. @param MaximumVariableStorageSize Pointer to the maximum size of the storage space available 
@@ -2839,6 +2864,9 @@ VariableServiceQueryVariableInfoInternal ( This code returns information about the EFI variables. + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode. This function will do basic validation, before parse the data. + @param Attributes Attributes bitmask to specify the type of variables on which to return information. @param MaximumVariableStorageSize Pointer to the maximum size of the storage space available @@ -2910,7 +2938,10 @@ VariableServiceQueryVariableInfo ( /** This function reclaims variable storage if free size is below the threshold. - + + Caution: This function may be invoked at SMM mode. + Care must be taken to make sure not security issue. + **/ VOID ReclaimForOS( diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index 2585203120..f8ee4684e2 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -3,6 +3,11 @@ # # It provides four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo. # +# Caution: This module requires additional review when modified. +# This driver will have external input - variable data. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. +# # Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
# # This program and the accompanying materials diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni index b91e18a339083e590330f9aecb3ac1e35c7f6d12..ee8acd0ad15e03ec5b02d459b7e2b24fda6f14c1 100644 GIT binary patch delta 473 zcmaKoKT88a5XE1Lvj~VOk}A#G*{Hp3zJj%o+#j=GZjF0hv^w$;LcmI}w-N;LvXzVkGg_H!~MI*{{jnyBGpc_)UHiUJhPi-$?KF8+nyC%o9_{DI|D7sS>4LwFFR)76=!Ec__m{>QAnnSWR7iZ16}X&vP9gzWTW@b H-qpbuSdLp2 delta 12 TcmbOuGEHE^Hpb0+m=o9lAYufT diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c index 7ca3326a88..14e421cb79 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c @@ -4,6 +4,16 @@ and volatile storage space and install variable architecture protocol based on SMM variable module. + Caution: This module requires additional review when modified. + This driver will have external input - variable data. + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + RuntimeServiceGetVariable() and RuntimeServiceSetVariable() are external API + to receive data buffer. The size should be checked carefully. + + InitCommunicateBuffer() is really function to check the variable data size. + Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -97,6 +107,9 @@ ReleaseLockOnlyAtBootTime ( The communicate size is: SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + DataSize. + Caution: This function may receive untrusted input. + The data size external input, so this function will validate it carefully to avoid buffer overflow. + @param[out] DataPtr Points to the data in the communicate buffer. @param[in] DataSize The data size to send to SMM. @param[in] Function The function number to initialize the communicate header. @@ -234,6 +247,9 @@ Done: /** This code finds variable in storage blocks (Volatile or Non-Volatile). + Caution: This function may receive untrusted input. + The data size is external input, so this function will validate it carefully to avoid buffer overflow. + @param[in] VariableName Name of Variable to be found. @param[in] VendorGuid Variable vendor GUID. @param[out] Attributes Attribute value of the variable found. @@ -453,6 +469,9 @@ Done: /** This code sets variable in storage blocks (Volatile or Non-Volatile). + Caution: This function may receive untrusted input. + The data size and data are external input, so this function will validate it carefully to avoid buffer overflow. + @param[in] VariableName Name of Variable to be found. @param[in] VendorGuid Variable vendor GUID. @param[in] Attributes Attribute value of the variable found diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf index 644c4fce67..4bd470662f 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf 
@@ -5,6 +5,11 @@ # four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo # and works with SMM variable module together. # +# Caution: This module requires additional review when modified. +# This driver will have external input - variable data. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. +# # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
# # This program and the accompanying materials diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni index 5b5dcd8ab35d9b73cb9f3ae9c2b9f00d61ae6d0f..39cf83edec2b63cdcf3a24a9edf918e38b429d65 100644 GIT binary patch delta 468 zcmaKoO-chn5QQHDDhOGH;KEJ2bE9rtc?-b{OyQ}E`RlSet`@!o=F)4MgUQtP%E}o7K$2&Dz0Y+Jr6;!I`#BW-u8&Jy*ppDl2 z)>;sCL`$TM-FmLpsV3Uj87JrpR&>pp`bd4lYt<1=Q(YX>&fvg(prsKyFiS?FTc0=R zWOG@}#+ppe{kzHk3QLqS)j@ObH+YxG@TS@D235qiXbaZ{d<5%R&`cSWMn*DPhEhSX zoq8wPmKkL0phXqCTUq|$#~i%nY+XoSezY`7?rL&(Y;7Cp`WJ7lenxo1ET+vfSd7>KBRm9^ -- 2.39.2
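Review bot: In the Variable.c file header (hunk @@ -3,6 +3,17 @@), the caution says of VariableServiceGetVariable() and VariableServiceSetVariable() that "The size should be checked carefully" but does not say what the size is checked against, so someone modifying the module cannot tell from the comment whether a change weakens that check. Suggest naming the limit or the check each API relies on. Also, "They need check input parameter." should read "They need to check their input parameters.", and "security issue like buffer overflow, integer overflow" should match the wording the same patch uses in the .inf files, "security issues such as buffer overflow or integer overflow".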
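Review bot: In Variable.c hunk @@ -2353,6 +2368,9 @@ (the "Finds the Next available variable" comment), the caution does not say which parameter is the untrusted one, whereas the hunks at -2276 and -2515 do ("datasize is external input", "datasize and data are external input"). Suggest stating which of VariableNameSize, VariableName and VendorGuid are treated as external input here. The sentence "This function will do basic validation, before parse the data." recurs in five hunks of this file and should read "before parsing the data"; since the patch changes comments only, each of these claims should be checked against the existing function body before it is recorded as documentation.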
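Review bot: Variable.c hunks @@ -2686,6 +2708,9 @@ and @@ -2839,6 +2864,9 @@ add the identical caution to two comment blocks that both read "This code returns information about the EFI variables", and the hunk context shows one belongs to VariableServiceQueryVariableInfoInternal and the other to VariableServiceQueryVariableInfo. The file header added by this patch lists only VariableServiceQueryVariableInfo() as the external API, so the two comments should differ: say which function validates Attributes and the output pointers, and have the other state that it relies on its caller (or on the wrapper) for that check.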
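Review bot: In Variable.c hunk @@ -2910,7 +2938,10 @@ (ReclaimForOS), "Care must be taken to make sure not security issue." is ungrammatical and gives a maintainer nothing to act on. Suggest stating the concrete concern, for example what state the function touches when it runs in SMM, and using "in SMM mode" as the other hunks do rather than "at SMM mode". The hunk also removes and re-adds the blank line after the summary sentence; if that is only a trailing-whitespace change it is better noted in the commit message or split out.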
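Review bot: In VariableSmmRuntimeDxe.c hunk @@ -97,6 +107,9 @@ (InitCommunicateBuffer), the caution mentions only buffer overflow, but the comment directly above it defines the communicate size as SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + DataSize, a sum that includes the externally supplied DataSize. The comment should also call out integer overflow of that sum, as the file header in the same patch does. "The data size external input" is missing "is", and in the file header hunk (@@ -4,6 +4,16 @@) "InitCommunicateBuffer() is really function to check the variable data size." should read "is the function that actually checks the variable data size".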
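Review bot: VariableRuntimeDxe.uni and VariableSmmRuntimeDxe.uni are changed as GIT binary patches (2070 -> 2588 bytes and 2508 -> 3018 bytes), so the strings they add cannot be reviewed from this diff, and the commit message does not mention them. Suggest stating in the commit message what text was added to the .uni files and confirming it matches the caution added to the corresponding .inf headers. The .inf cautions (hunks @@ -3,6 +3,11 @@ and @@ -5,6 +5,11 @@) also drop the SMM point that the .c headers make ("They may be input in SMM mode."); for VariableSmmRuntimeDxe.inf in particular that sentence seems worth keeping.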