From c9d0fe0817a87313a28b800e001ecf2b5d4bbb5a Mon Sep 17 00:00:00 2001
From: Ruiyu Ni <ruiyu.ni@intel.com>
Date: Wed, 9 Sep 2015 07:50:09 +0000
Subject: MdeModulePkg: Fix a performance data buffer overrun issue

The mBmPerfHeader.Count isn't reset to 0 in BmWriteBootToOsPerformanceData()
so when the actual performance data entry count exceeds the LimitCount,
the performance data collection breaks on condition
if (mBmPerfHeader.Count == LimitCount), but 2nd time calling this function
will not break on condition if (mBmPerfHeader.Count == LimitCount) because
the mBmPerfHeader.Count always bigger than LimitCount, which results buffer
overrun.

(Sync patch r18417 from main trunk.)

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@18420 6f19259b-4bc3-4df7-8a09-765794883524
---
 MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'MdeModulePkg')

diff --git a/MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c b/MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c
index 7b13ec663c..e45c0bd23a 100644
--- a/MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c
+++ b/MdeModulePkg/Library/UefiBootManagerLib/BmPerformance.c
@@ -185,6 +185,11 @@ BmWriteBootToOsPerformanceData (
   //
   PERF_END(NULL, "BDS", NULL, 0);
 
+  //
+  // Reset the entry count
+  //
+  mBmPerfHeader.Count = 0;
+
   //
   // Retrieve time stamp count as early as possible
   //
-- 
cgit v1.2.3