Attention is currently required from: Furquan Shaikh, Martin Roth, Michał Żygowski, Marshall Dawson, Nikolai Vyssotski, Andrey Petrov, Patrick Rudolph, Nathaniel L Desimone.
1 comment:
File src/drivers/intel/fsp2_0/util.c:
Patch Set #3, Line 14: looks_like_fsp_header
> irrespective of you are considering this new API or not, inclusion of MultiSi API into your EDK2 […]
i believe upper boundary check is always prescribed isn't it. we don't know what for those additional bytes are being introduced?
Assume for this case, if we really want to discard those additional 4 bytes of MultiSi API then can't we check if FSP_INFO_HEADER.HeaderRevision < 5 then FSP_INFO_HEADER..HeaderLength - 4 == 72 would help to find the integrity of the FSP header with FSP 2.0 isn't it ? (in this process we actually knew what we are discarding) vs a minimal boundary check?
If FSP_INFO_HEADER.HeaderRevision >= 5 then we are expecting MultiSi is added and in that case FSP_INFO_HEADER..HeaderLength should be 76 with FSP 2.2 spec?
Sorry may be I'm thinking a loud about how someone can explode the situation and introduced few more APIs or some data fields without bootloader knowledge (may be an imaginary situation unless its actually appears)
To view, visit change 56190. To unsubscribe, or for help writing mail filters, visit settings.