From 18a7dbbc020f0aec63ae71d034f32617da1eec9e Mon Sep 17 00:00:00 2001 From: Star Zeng Date: Wed, 19 Nov 2014 01:08:23 +0000 Subject: MdeModulePkg Variable: Add missing warning annotation. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng Reviewed-by: Jiewen Yao git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16401 6f19259b-4bc3-4df7-8a09-765794883524 --- .../Universal/Variable/RuntimeDxe/Variable.c | 33 ++++++++++++++++++++- .../Variable/RuntimeDxe/VariableRuntimeDxe.inf | 5 ++++ .../Variable/RuntimeDxe/VariableRuntimeDxe.uni | Bin 2070 -> 2588 bytes .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 19 ++++++++++++ .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 5 ++++ .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni | Bin 2508 -> 3018 bytes 6 files changed, 61 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index c66bdbf9fd..b545a05530 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -3,6 +3,17 @@ The common variable operation routines shared by DXE_RUNTIME variable module and DXE_SMM variable module. + Caution: This module requires additional review when modified. + This driver will have external input - variable data. They may be input in SMM mode. + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + VariableServiceGetNextVariableName () and VariableServiceQueryVariableInfo() are external API. + They need check input parameter. + + VariableServiceGetVariable() and VariableServiceSetVariable() are external API + to receive datasize and data buffer. The size should be checked carefully. + Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -2276,6 +2287,10 @@ VariableLockRequestToLock ( This code finds variable in storage blocks (Volatile or Non-Volatile). + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode, and datasize is external input. + This function will do basic validation, before parse the data. + @param VariableName Name of Variable to be found. @param VendorGuid Variable vendor GUID. @param Attributes Attribute value of the variable found. @@ -2353,6 +2368,9 @@ Done: This code Finds the Next available variable. + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode. This function will do basic validation, before parse the data. + @param VariableNameSize Size of the variable name. @param VariableName Pointer to variable name. @param VendorGuid Variable Vendor Guid. @@ -2515,6 +2533,10 @@ Done: This code sets variable in storage blocks (Volatile or Non-Volatile). + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode, and datasize and data are external input. + This function will do basic validation, before parse the data. + @param VariableName Name of Variable to be found. @param VendorGuid Variable vendor GUID. @param Attributes Attribute value of the variable found @@ -2686,6 +2708,9 @@ Done: This code returns information about the EFI variables. + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode. This function will do basic validation, before parse the data. + @param Attributes Attributes bitmask to specify the type of variables on which to return information. @param MaximumVariableStorageSize Pointer to the maximum size of the storage space available 
@@ -2839,6 +2864,9 @@ VariableServiceQueryVariableInfoInternal ( This code returns information about the EFI variables. + Caution: This function may receive untrusted input. + This function may be invoked in SMM mode. This function will do basic validation, before parse the data. + @param Attributes Attributes bitmask to specify the type of variables on which to return information. @param MaximumVariableStorageSize Pointer to the maximum size of the storage space available @@ -2910,7 +2938,10 @@ VariableServiceQueryVariableInfo ( /** This function reclaims variable storage if free size is below the threshold. - + + Caution: This function may be invoked at SMM mode. + Care must be taken to make sure not security issue. + **/ VOID ReclaimForOS( diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index 2585203120..f8ee4684e2 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -3,6 +3,11 @@ # # It provides four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo. # +# Caution: This module requires additional review when modified. +# This driver will have external input - variable data. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. +# # Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
# # This program and the accompanying materials diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni index b91e18a339..ee8acd0ad1 100644 Binary files a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni and b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.uni differ diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c index 7ca3326a88..14e421cb79 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c @@ -4,6 +4,16 @@ and volatile storage space and install variable architecture protocol based on SMM variable module. + Caution: This module requires additional review when modified. + This driver will have external input - variable data. + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + RuntimeServiceGetVariable() and RuntimeServiceSetVariable() are external API + to receive data buffer. The size should be checked carefully. + + InitCommunicateBuffer() is really function to check the variable data size. + Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -97,6 +107,9 @@ ReleaseLockOnlyAtBootTime ( The communicate size is: SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + DataSize. + Caution: This function may receive untrusted input. + The data size external input, so this function will validate it carefully to avoid buffer overflow. + @param[out] DataPtr Points to the data in the communicate buffer. @param[in] DataSize The data size to send to SMM. @param[in] Function The function number to initialize the communicate header. @@ -234,6 +247,9 @@ Done: /** This code finds variable in storage blocks (Volatile or Non-Volatile). + Caution: This function may receive untrusted input. + The data size is external input, so this function will validate it carefully to avoid buffer overflow. + @param[in] VariableName Name of Variable to be found. @param[in] VendorGuid Variable vendor GUID. @param[out] Attributes Attribute value of the variable found. @@ -453,6 +469,9 @@ Done: /** This code sets variable in storage blocks (Volatile or Non-Volatile). + Caution: This function may receive untrusted input. + The data size and data are external input, so this function will validate it carefully to avoid buffer overflow. + @param[in] VariableName Name of Variable to be found. @param[in] VendorGuid Variable vendor GUID. @param[in] Attributes Attribute value of the variable found diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf index 644c4fce67..4bd470662f 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf 
@@ -5,6 +5,11 @@ # four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo # and works with SMM variable module together. # +# Caution: This module requires additional review when modified. +# This driver will have external input - variable data. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. +# # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
# # This program and the accompanying materials diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni index 5b5dcd8ab3..39cf83edec 100644 Binary files a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni and b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.uni differ -- cgit v1.2.3
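Review bot: In the Variable.c file-header hunk (@@ -3,6 +3,17 @@), "They may be input in SMM mode." has no clear subject and "They need check input parameter." is missing "to". This comment is the module's statement of where untrusted data enters, so name the subject explicitly (the variable data) and write "They need to check their input parameters." Also align "to avoid security issue like buffer overflow, integer overflow" with the wording the same patch uses in the .inf files, "security issues such as buffer overflow or integer overflow".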
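Review bot: The Variable.c hunks at @@ -2276,6 +2287,10 @@, @@ -2353,6 +2368,9 @@ and @@ -2515,6 +2533,10 @@ promise "basic validation, before parse the data" without saying which parameter is checked or against what limit, so a later reviewer cannot tell whether a change has removed the check. Name the parameters as they appear in the @param list (DataSize rather than "datasize") and state the check, for example that the size is compared against the maximum variable size before the buffer is read. "before parse the data" should read "before parsing the data".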
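Review bot: The hunks at @@ -2686,6 +2708,9 @@ and @@ -2839,6 +2864,9 @@ put the identical "may receive untrusted input ... will do basic validation" caution on two adjacent QueryVariableInfo comment blocks, while the file header added in this patch lists only VariableServiceQueryVariableInfo() as the external API. Say in each comment which function actually performs the parameter checks and which one relies on its caller having done so; otherwise a reader may assume both validate. "before parse the data" also does not fit here, since the listed parameters are an attributes bitmask and output pointers rather than a data buffer.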
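Review bot: In the ReclaimForOS hunk (@@ -2910,7 +2938,10 @@), "Care must be taken to make sure not security issue." is ungrammatical and gives a maintainer nothing to act on. State the concrete concern for this function when it runs in SMM, and use "in SMM mode" as the other added comments do rather than "at SMM mode". The hunk also removes one empty comment line and adds another in its place, which looks like a whitespace-only change that should be dropped or called out.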
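Review bot: In the VariableSmmRuntimeDxe.c file-header hunk (@@ -4,6 +4,16 @@), "InitCommunicateBuffer() is really function to check the variable data size." is hard to parse and is the key sentence for anyone auditing the size check. Suggest "InitCommunicateBuffer() is the function that actually checks the variable data size." The line "to avoid security issue like buffer overflow, integer overflow" should match the .inf wording, "security issues such as buffer overflow or integer overflow".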
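Review bot: In the InitCommunicateBuffer hunk (@@ -97,6 +107,9 @@), "The data size external input" is missing "is", and the caution does not say what is validated. The comment directly above gives the communicate size as SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + DataSize, a sum that includes the externally supplied DataSize, so the note should state that this sum is checked against the communicate buffer size and cannot wrap. That ties the comment to the integer overflow concern raised in the file header.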
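Review bot: The VariableSmmRuntimeDxe.c hunks at @@ -234,6 +247,9 @@ and @@ -453,6 +469,9 @@ say "this function will validate it carefully", but the file header added in the same patch says InitCommunicateBuffer() is the function that checks the variable data size. If the get and set paths rely on InitCommunicateBuffer() for the bound, say so here and name it, so the two comments do not describe different owners of the check. In the set hunk, "The data size and data are external input, so this function will validate it" should use "them".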