Call for action

Security Enhancement to Mitigate Buffer Overflow in UEFI

DRAFT

Revision 02.0

Enable the Stack Overflow detection to catch stack overflow (especially in System Management Mode (SMM))
1. gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard
2. gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackGuard
Enable the Heap Overflow detection in a debug BIOS to catch potential buffer overflow issue.
1. gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType
2. gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType
3. gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask
Enable the NULL pointer detection to catch the NULL address access.
1. gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask