MdePkg: DebugLib: Check Signature in CR in Release Builds #6242
Commits on Sep 30, 2024
-
EmulatorPkg: Add Signature to Graphics Structure
When updating MdePkg's CR macro to enforce signature checking in all usages, it was discovered that EmulatorPkg was initializing a structure without setting the signature for it, causing an error to be returned when CR now checked the signature. This commit updates the graphics stack in EmulatorPkg to set the signature of the data structure and check the return value of the wrapper for the CR macro. Signed-off-by: Oliver Smith-Denny <[email protected]>
-
MdePkg: DebugLib: Check Signature in CR in Release Builds
The CR macro is used to access an enclosing structure from a pointer within the structure. In DEBUG builds (i.e. when MDEPKG_NDEBUG is not set and debug asserts are enabled), this macro does signature validation checking to ensure that the structure that has been found is the correct structure, based on a signature passed in by the caller. However, if MDEPKG_NDEBUG is set or debug asserts are disabled, no signature validation is performed, meaning that CR may return an invalid structure that the caller believes is valid and has had signature validation on, causing undefined behavior (memory corruption). We should where at all possible have defined behavior, particularly in RELEASE builds, which are what typical platforms will ship to consumers. This patch updates CR to do the signature validation in all scenarios to provide defined behavior from the macro. In the event of a signature failure, CR will either 1) assert if !MDEPKG_NDEBUG and debug asserts are enabled (existing behavior) or 2) return NULL to indicate to the caller that signature validation failed. There exist consumers today who already, erroneously, rely on this behavior. Another macro, BASE_CR, exists for callers who do not wish to perform signature validation. Any code that wishes to avoid the signature validation should move to this macro. Signed-off-by: Oliver Smith-Denny <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.