On 1/3/24 13:56, Laszlo Ersek wrote: > (8) Apologies if it was me who suggested ALIGN_VALUE() previously, but > this is, in effect, an unchecked addition. I can't off-hand see evidence > that it can never overflow (the previous checks don't seem to prevent an > overflow here), so I suggest: > > // > // the next variable header starts aligned at 4 bytes > // > Status = SafeUintnAdd (VarEnd, (4 - (VarEnd & 4)) & 4, &VarOffset); > if RETURN_ERROR (Status) { > DEBUG ((DEBUG_ERROR, "%a: integer overflow\n", __func__)); > return EFI_NOT_FOUND; > }
Heh, what I wrote is bogus. Man, binary is hard. :) So, let me try again: Status = SafeUintnAdd (VarEnd, (4 - (VarEnd & 3)) & 3, &VarOffset); Ideally, we'd have a SafeIntLib set of APIs for aligning up... Sorry :) Laszlo -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113087): https://edk2.groups.io/g/devel/message/113087 Mute This Topic: https://groups.io/mt/103171811/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/9847357/21656/1706620634/xyzzy [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-