The replaced code is a legitimate attempt to index an array based
at address zero in x86 real-mode.  However, ISO C (both C89 and C99)
considers dereferencing a null pointer in this manner to be undefined
behavior - which is therefore not portable.  Most compilers seem to
generate working code for this.  Clang 3.8 when compiling with -Os
emits a __builtin_trap() into the code with no compile-time diagnostic.

The replacement code calculates the address in a manner such that the
possible memory access to address zero is not determinable at
compile-time.  If the code is instrumented for run-time checks of null,
it may still generate an error for accessing the zeroth entry in the
array.  This sort of instrumentation is not normally used.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zenith432 <zenith...@users.sourceforge.net>
---
 IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c
index 3d9a8b9..4a6fd9b 100644
--- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c
+++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c
@@ -57,8 +57,6 @@ LegacyBiosInt86 (
   IN  EFI_IA32_REGISTER_SET         *Regs
   )
 {
-  UINT32  *VectorBase;
-
   Regs->X.Flags.Reserved1 = 1;
   Regs->X.Flags.Reserved2 = 0;
   Regs->X.Flags.Reserved3 = 0;
@@ -72,12 +70,11 @@ LegacyBiosInt86 (
   // The base address of legacy interrupt vector table is 0.
   // We use this base address to get the legacy interrupt handler.
   //
-  VectorBase              = 0;
   
   return InternalLegacyBiosFarCall (
            This,
-           (UINT16) ((VectorBase)[BiosInt] >> 16),
-           (UINT16) (VectorBase)[BiosInt],
+           *(UINT16*) ((((UINTN)BiosInt) * sizeof(UINT32)) + sizeof(UINT16)),
+           *(UINT16*) (((UINTN)BiosInt) * sizeof(UINT32)),
            Regs,
            &Regs->X.Flags,
            sizeof (Regs->X.Flags)
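Review bot: the two replacement arguments are correct for the x86 IVT layout (offset word at entry+0, segment word at entry+2, little-endian), but the raw integer-to-pointer casts inline in the call are hard to audit and the loads are not volatile, so nothing tells the compiler that the table at linear address 0 is memory written by code outside this translation unit. Consider computing the entry address once into a local and loading through volatile pointers, e.g. `UINTN VectorAddress = (UINTN) BiosInt * sizeof (UINT32);`, then `*(volatile UINT16 *) (VectorAddress + sizeof (UINT16))` for the segment and `*(volatile UINT16 *) VectorAddress` for the offset. Note also that the hunk does not show the declared type of BiosInt; if it is wider than UINT8, a value of 256 or more reads past the 1 KiB vector table, and a range check belongs here. The new code still relies on the IVT being reachable at linear address 0 exactly as the old array indexing did, so the comment above about the base address being 0 remains the only statement of that assumption.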
-- 
2.5.5
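The following is an added example, not code from the patch or from EDK II, showing the same technique in hosted C: the interrupt-vector table base is passed as an integer address rather than a constant pointer, each entry is read through volatile 16-bit loads in the x86 far-pointer word order (offset at +0, segment at +2), and the vector number is range-checked before use. The names (`ReadIvtEntry`, `IvtEntryLinear`, `SampleIvtBase`) and the constructed sample table are assumptions for this example; on real hardware `IvtBase` would be 0.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Assumed constants for this example: a real-mode IVT holds 256 entries
 * of 4 bytes each (offset word first, then segment word). */
#define IVT_ENTRY_SIZE   4u
#define IVT_ENTRY_COUNT  256u

typedef struct {
    uint16_t Segment;
    uint16_t Offset;
} FarPointer;

/* Reads entry Vector from a vector table whose base is given as an integer
 * address (0 on real hardware; a constructed buffer below). Returns 0 on
 * success and -1 when Vector is out of range or Out is NULL. The loads go
 * through volatile pointers so the compiler performs them at run time and
 * never reasons about a null-based array. */
int ReadIvtEntry(uintptr_t IvtBase, unsigned Vector, FarPointer *Out)
{
    if (Vector >= IVT_ENTRY_COUNT || Out == NULL) {
        return -1;
    }
    uintptr_t EntryAddress = IvtBase + (uintptr_t)Vector * IVT_ENTRY_SIZE;
    Out->Offset  = *(volatile uint16_t *)EntryAddress;
    Out->Segment = *(volatile uint16_t *)(EntryAddress + sizeof(uint16_t));
    return 0;
}

/* Linear address of a real-mode far pointer: segment * 16 + offset. */
uint32_t FarToLinear(FarPointer Fp)
{
    return ((uint32_t)Fp.Segment << 4) + Fp.Offset;
}

/* Convenience wrapper: linear address of the handler for Vector, or
 * 0xFFFFFFFF when the vector number is out of range. */
uint32_t IvtEntryLinear(uintptr_t IvtBase, unsigned Vector)
{
    FarPointer Fp;
    if (ReadIvtEntry(IvtBase, Vector, &Fp) != 0) {
        return 0xFFFFFFFFu;
    }
    return FarToLinear(Fp);
}

/* Constructed sample table (not a real IVT): vector n points at segment
 * 0xF000 + n, offset 0x1000 + 4*n. uint16_t storage keeps the 16-bit
 * loads aligned. Returns the table's base address as an integer. */
static uint16_t SampleIvt[IVT_ENTRY_COUNT * IVT_ENTRY_SIZE / sizeof(uint16_t)];

uintptr_t SampleIvtBase(void)
{
    uint8_t *Bytes = (uint8_t *)SampleIvt;
    for (unsigned n = 0; n < IVT_ENTRY_COUNT; n++) {
        uint16_t Off = (uint16_t)(0x1000 + 4 * n);
        uint16_t Seg = (uint16_t)(0xF000 + n);
        memcpy(Bytes + n * IVT_ENTRY_SIZE, &Off, sizeof Off);
        memcpy(Bytes + n * IVT_ENTRY_SIZE + sizeof(uint16_t), &Seg, sizeof Seg);
    }
    return (uintptr_t)SampleIvt;
}
```

Converting an integer to a pointer is implementation-defined rather than portable C, so this only moves the question from "can the compiler prove the address is null" to "does the platform map the table at that address"; the range check and the volatile loads are the parts a reviewer would want regardless of how the base is expressed.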
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel