Re: [edk2-devel] [PATCH v1 2/2] SecurityPkg: RngDxe: Fixing mAvailableAlgoArray allocator
Hi Kun, Thank you for this fix. Reviewed-by: Sami Mujawar Regards, Sami Mujawar On 28/06/2023 09:33 pm, Kun Qin wrote: From: Kun Qin REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4491 mAvailableAlgoArray is currently allocated for "RNG_AVAILABLE_ALGO_MAX" number of bytes, whereas it was dereferenced as "EFI_RNG_ALGORITHM". This change fixed the buffer allocation logic by allocating a proper size of buffer before referencing. Cc: Jiewen Yao Cc: Jian J Wang Cc: Sami Mujawar Cc: Pierre Gondois Signed-off-by: Kun Qin --- SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c | 2 +- SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c index de279cdadeea..1d412ecff61d 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c @@ -33,7 +33,7 @@ GetAvailableAlgorithms ( UINT16 MinorRevision; // Rng algorithms 2 times, one for the allocation, one to populate. - mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); + mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX * sizeof (EFI_RNG_ALGORITHM)); if (mAvailableAlgoArray == NULL) { return EFI_OUT_OF_RESOURCES; } diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c index 4b24f5c4a69b..5e621df601fb 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c @@ -32,7 +32,7 @@ GetAvailableAlgorithms ( UINT16 MinorRevision; // Rng algorithms 2 times, one for the allocation, one to populate. - mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); + mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX * sizeof (EFI_RNG_ALGORITHM)); if (mAvailableAlgoArray == NULL) { return EFI_OUT_OF_RESOURCES; } -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#106515): https://edk2.groups.io/g/devel/message/106515 Mute This Topic: https://groups.io/mt/99839049/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 2/2] SecurityPkg: RngDxe: Fixing mAvailableAlgoArray allocator
From: Kun Qin REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4491 mAvailableAlgoArray is currently allocated for "RNG_AVAILABLE_ALGO_MAX" number of bytes, whereas it was dereferenced as "EFI_RNG_ALGORITHM". This change fixed the buffer allocation logic by allocating a proper size of buffer before referencing. Cc: Jiewen Yao Cc: Jian J Wang Cc: Sami Mujawar Cc: Pierre Gondois Signed-off-by: Kun Qin --- SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c | 2 +- SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c index de279cdadeea..1d412ecff61d 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c @@ -33,7 +33,7 @@ GetAvailableAlgorithms ( UINT16 MinorRevision; // Rng algorithms 2 times, one for the allocation, one to populate. - mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); + mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX * sizeof (EFI_RNG_ALGORITHM)); if (mAvailableAlgoArray == NULL) { return EFI_OUT_OF_RESOURCES; } diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c b/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c index 4b24f5c4a69b..5e621df601fb 100644 --- a/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c +++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c @@ -32,7 +32,7 @@ GetAvailableAlgorithms ( UINT16 MinorRevision; // Rng algorithms 2 times, one for the allocation, one to populate. - mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX); + mAvailableAlgoArray = AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX * sizeof (EFI_RNG_ALGORITHM)); if (mAvailableAlgoArray == NULL) { return EFI_OUT_OF_RESOURCES; } -- 2.41.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#106485): https://edk2.groups.io/g/devel/message/106485 Mute This Topic: https://groups.io/mt/99839049/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-