diff options
| author | Star Zeng <star.zeng@intel.com> | 2017-04-19 11:12:18 +0800 |
|---|---|---|
| committer | Star Zeng <star.zeng@intel.com> | 2017-04-20 14:10:04 +0800 |
| commit | 861c8dff2f506d602f8612ace12d244c29e63f31 (patch) | |
| tree | 5fcb9f1647a2689777ebe7ce1422b93a8b0422c9 /BaseTools/Source/Python | |
| parent | 95ad8f7f6a6c84ef46a96a8ba852afed805d1ca3 (diff) | |
| download | edk2-861c8dff2f506d602f8612ace12d244c29e63f31.zip edk2-861c8dff2f506d602f8612ace12d244c29e63f31.tar.gz edk2-861c8dff2f506d602f8612ace12d244c29e63f31.tar.bz2 | |
MdeModulePkg PiSmmCore: Enhance SMM FreePool to catch buffer overflow
This solution is equivalent to DXE core.
AllocatePool() allocates POOL_TAIL after the buffer.
This POOL_TAIL is checked at FreePool().
If the there is buffer overflow, the issue can be caught at FreePool().
This patch could also handle the eight-byte aligned allocation
requirement. The discussion related to the eight-byte aligned
allocation requirement is at
https://lists.01.org/pipermail/edk2-devel/2017-April/009995.html.
According to the PI spec (Vol 4, Section 3.2 SmmAllocatePool()):
The SmmAllocatePool() function ... All allocations are eight-byte aligned.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Diffstat (limited to 'BaseTools/Source/Python')
0 files changed, 0 insertions, 0 deletions