Hi, > The general idea is, once we don't trust the varstore, there cannot be > a *single* unchecked addition in the code. (Unless we can *prove* that > overflow is impossible.)
There are some cases where we add a small, constant number to a value we know is smaller than VariableStoreHeader->Size. I don't see how those can overflow, given that varstore flash typically is an order of magnitude smaller than MAX_UINT32 (unless VariableStoreHeader->Size is corrupted, but then we have bigger problems anyway ...). take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#112540): https://edk2.groups.io/g/devel/message/112540 Mute This Topic: https://groups.io/mt/103031342/21656 Group Owner: [email protected] Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
