From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from walk.intel-email.com (walk.intel-email.com [101.227.64.242]) by mx.groups.io with SMTP id smtpd.web10.14169.1667437259891381621 for ; Wed, 02 Nov 2022 18:01:02 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@byosoft.com.cn header.s=cloud-union header.b=Vo3W+1e+; spf=pass (domain: byosoft.com.cn, ip: 101.227.64.242, mailfrom: gaoliming@byosoft.com.cn) Received: from walk.intel-email.com (localhost [127.0.0.1]) by walk.intel-email.com (Postfix) with ESMTP id 594EDCD1F72B for ; Thu, 3 Nov 2022 09:00:57 +0800 (CST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=byosoft.com.cn; s=cloud-union; t=1667437257; bh=ylH2k982hxpVvmQDxTxAEczgvLDHh5V5eLLqF9iyfoE=; h=From:To:Cc:References:In-Reply-To:Subject:Date; b=Vo3W+1e+aahU7d018Gkd5ZRzgDU1beWOlu/8fIRWMUoDAFftLX9oxd9Jz3cqZ3KjN 4N80MHjTw+4O8IMe6BUSBUZTCoCd0rdCJH+mfrz/U/Pnbg4b1K1BNTC5/9qYYevWMU UydNmjJT8UL1IqNO0fUFOU0hwrmpIo6IlTBb2CJA= Received: from localhost (localhost [127.0.0.1]) by walk.intel-email.com (Postfix) with ESMTP id 549D5CD1F768 for ; Thu, 3 Nov 2022 09:00:57 +0800 (CST) Received: from walk.intel-email.com (localhost [127.0.0.1]) by walk.intel-email.com (Postfix) with ESMTP id 1F8A4CD1F6F7 for ; Thu, 3 Nov 2022 09:00:57 +0800 (CST) Authentication-Results: walk.intel-email.com; none Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by walk.intel-email.com (Postfix) with SMTP id B5123CD1F6FF for ; Thu, 3 Nov 2022 09:00:53 +0800 (CST) Received: from DESKTOPS6D0PVI ([58.246.60.130]) (envelope-sender ) by 192.168.6.13 with ESMTP for ; Thu, 03 Nov 2022 09:00:51 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-Originating-IP: 58.246.60.130 X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming" To: "'Pedro Falcato'" , "'Kinney, Michael D'" Cc: "'Yao, Jiewen'" , , "'Vitaly Cheptsov'" , =?UTF-8?Q?'Marvin_H=C3=A4user'?= , "'Liu, Zhiguang'" References: <20221024224324.26540-1-pedro.falcato@gmail.com> In-Reply-To: Subject: =?UTF-8?B?5Zue5aSNOiBbUEFUQ0ggdjIgMS8xXSBNZGVQa2cvQmFzZUxpYjogRml4IG91dC1vZi1ib3VuZHMgcmVhZHMgaW4gU2FmZVN0cmluZw==?= Date: Thu, 3 Nov 2022 09:00:54 +0800 Message-ID: <00df01d8ef1f$b98bef50$2ca3cdf0$@byosoft.com.cn> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQH9GoSSPELtOXHVpnTk8PFroDRxrgJJiRmWAe+TOHABizE0sAJ8LJTTraIGDIA= Sender: "gaoliming" Content-Type: multipart/alternative; boundary="----=_NextPart_000_00E0_01D8EF62.C7B17940" Content-Language: zh-cn ------=_NextPart_000_00E0_01D8EF62.C7B17940 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Pedro: Marvin gave one suggestion for the code change = (https://edk2.groups.io/g/devel/message/95635). Can you response it? =20 Thanks Liming =E5=8F=91=E4=BB=B6=E4=BA=BA: Pedro Falcato =20 =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2022=E5=B9=B411=E6=9C=883=E6=97=A5 = 7:42 =E6=94=B6=E4=BB=B6=E4=BA=BA: Kinney, Michael D = =E6=8A=84=E9=80=81: Yao, Jiewen ; = devel@edk2.groups.io; Vitaly Cheptsov ; Marvin = H=C3=A4user ; Gao, Liming = ; Liu, Zhiguang =E4=B8=BB=E9=A2=98: Re: [PATCH v2 1/1] MdePkg/BaseLib: Fix out-of-bounds = reads in SafeString =20 Can someone push this? Is there a blocker here? =20 On Wed, Oct 26, 2022 at 4:54 PM Kinney, Michael D = > wrote: Acked-by: Michael D Kinney > > -----Original Message----- > From: Yao, Jiewen = > > Sent: Wednesday, October 26, 2022 6:35 AM > To: Kinney, Michael D >; Pedro Falcato = >; = devel@edk2.groups.io =20 > Cc: Vitaly Cheptsov >; Marvin H=C3=A4user = >; Gao, Liming = >; Liu, > Zhiguang > > Subject: RE: [PATCH v2 1/1] MdePkg/BaseLib: Fix out-of-bounds reads in = SafeString >=20 > That is good catch. >=20 > Reviewed-by: Jiewen Yao > >=20 >=20 > > -----Original Message----- > > From: Kinney, Michael D > > > Sent: Wednesday, October 26, 2022 12:23 AM > > To: Pedro Falcato >; devel@edk2.groups.io = =20 > > Cc: Vitaly Cheptsov >; Marvin H=C3=A4user > > >; Gao, Liming = >; Liu, > > Zhiguang >; = Yao, Jiewen > > > Subject: RE: [PATCH v2 1/1] MdePkg/BaseLib: Fix out-of-bounds reads = in > > SafeString > > > > Adding Jiewen Yao. > > > > Mike > > > > > -----Original Message----- > > > From: Pedro Falcato > > > > Sent: Monday, October 24, 2022 3:43 PM > > > To: devel@edk2.groups.io =20 > > > Cc: Pedro Falcato >; Vitaly Cheptsov > > >; Marvin = H=C3=A4user >; > > > Kinney, Michael D >; Gao, Liming > > >; Liu, = Zhiguang > > > > Subject: [PATCH v2 1/1] MdePkg/BaseLib: Fix out-of-bounds reads in > > SafeString > > > > > > OpenCore folks established an ASAN-equipped project to fuzz = Ext4Dxe, > > > which was able to catch these (mostly harmless) issues. > > > > > > Signed-off-by: Pedro Falcato > > > > Cc: Vitaly Cheptsov > > > > Cc: Marvin H=C3=A4user > > > > Cc: Michael D Kinney > > > > Cc: Liming Gao > > > > Cc: Zhiguang Liu > > > > --- > > > MdePkg/Library/BaseLib/SafeString.c | 24 ++++++++++++++++++++---- > > > 1 file changed, 20 insertions(+), 4 deletions(-) > > > > > > diff --git a/MdePkg/Library/BaseLib/SafeString.c > > b/MdePkg/Library/BaseLib/SafeString.c > > > index f338a32a3a41..77a2585ad56d 100644 > > > --- a/MdePkg/Library/BaseLib/SafeString.c > > > +++ b/MdePkg/Library/BaseLib/SafeString.c > > > @@ -863,6 +863,9 @@ StrHexToUintnS ( > > > OUT UINTN *Data > > > ) > > > { > > > + BOOLEAN FoundLeadingZero; > > > + > > > + FoundLeadingZero =3D FALSE; > > > ASSERT (((UINTN)String & BIT0) =3D=3D 0); > > > > > > // > > > @@ -893,11 +896,12 @@ StrHexToUintnS ( > > > // Ignore leading Zeros after the spaces > > > // > > > while (*String =3D=3D L'0') { > > > + FoundLeadingZero =3D TRUE; > > > String++; > > > } > > > > > > if (CharToUpper (*String) =3D=3D L'X') { > > > - if (*(String - 1) !=3D L'0') { > > > + if (!FoundLeadingZero) { > > > *Data =3D 0; > > > return RETURN_SUCCESS; > > > } > > > @@ -992,6 +996,9 @@ StrHexToUint64S ( > > > OUT UINT64 *Data > > > ) > > > { > > > + BOOLEAN FoundLeadingZero; > > > + > > > + FoundLeadingZero =3D FALSE; > > > ASSERT (((UINTN)String & BIT0) =3D=3D 0); > > > > > > // > > > @@ -1022,11 +1029,12 @@ StrHexToUint64S ( > > > // Ignore leading Zeros after the spaces > > > // > > > while (*String =3D=3D L'0') { > > > + FoundLeadingZero =3D TRUE; > > > String++; > > > } > > > > > > if (CharToUpper (*String) =3D=3D L'X') { > > > - if (*(String - 1) !=3D L'0') { > > > + if (!FoundLeadingZero) { > > > *Data =3D 0; > > > return RETURN_SUCCESS; > > > } > > > @@ -2393,6 +2401,9 @@ AsciiStrHexToUintnS ( > > > OUT UINTN *Data > > > ) > > > { > > > + BOOLEAN FoundLeadingZero; > > > + > > > + FoundLeadingZero =3D FALSE; > > > // > > > // 1. Neither String nor Data shall be a null pointer. > > > // > > > @@ -2421,11 +2432,12 @@ AsciiStrHexToUintnS ( > > > // Ignore leading Zeros after the spaces > > > // > > > while (*String =3D=3D '0') { > > > + FoundLeadingZero =3D TRUE; > > > String++; > > > } > > > > > > if (AsciiCharToUpper (*String) =3D=3D 'X') { > > > - if (*(String - 1) !=3D '0') { > > > + if (!FoundLeadingZero) { > > > *Data =3D 0; > > > return RETURN_SUCCESS; > > > } > > > @@ -2517,6 +2529,9 @@ AsciiStrHexToUint64S ( > > > OUT UINT64 *Data > > > ) > > > { > > > + BOOLEAN FoundLeadingZero; > > > + > > > + FoundLeadingZero =3D FALSE; > > > // > > > // 1. Neither String nor Data shall be a null pointer. > > > // > > > @@ -2545,11 +2560,12 @@ AsciiStrHexToUint64S ( > > > // Ignore leading Zeros after the spaces > > > // > > > while (*String =3D=3D '0') { > > > + FoundLeadingZero =3D TRUE; > > > String++; > > > } > > > > > > if (AsciiCharToUpper (*String) =3D=3D 'X') { > > > - if (*(String - 1) !=3D '0') { > > > + if (!FoundLeadingZero) { > > > *Data =3D 0; > > > return RETURN_SUCCESS; > > > } > > > -- > > > 2.38.1 --=20 Pedro Falcato ------=_NextPart_000_00E0_01D8EF62.C7B17940 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Pedro:

=C2=A0Marvin = gave one suggestion for the code change = (https://edk2.groups.io/g/devel/message/95635). Can you response = it?

 

Thanks

Liming

=E5=8F=91=E4=BB= =B6=E4=BA=BA: Pedro Falcato = <pedro.falcato@gmail.com>
=E5=8F=91=E9=80= =81=E6=97=B6=E9=97=B4: = 2022=E5=B9=B411=E6=9C=883=E6=97=A5 7:42
=E6=94=B6=E4=BB=B6=E4=BA=BA: Kinney, Michael D = <michael.d.kinney@intel.com>
=E6=8A=84=E9=80=81: Yao, Jiewen = <jiewen.yao@intel.com>; devel@edk2.groups.io; Vitaly Cheptsov = <vit9696@protonmail.com>; Marvin H=C3=A4user = <mhaeuser@posteo.de>; Gao, Liming = <gaoliming@byosoft.com.cn>; Liu, Zhiguang = <zhiguang.liu@intel.com>
=E4=B8=BB=E9=A2=98: Re: [PATCH v2 1/1] = MdePkg/BaseLib: Fix out-of-bounds reads in = SafeString

 

Can someone push this? Is there a = blocker here?

 

On Wed, Oct 26, 2022 at 4:54 PM = Kinney, Michael D <michael.d.kinney@intel.com= > wrote:

Acked-by: Michael D = Kinney <michael.d.kinney@intel.com>


> = -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Wednesday, = October 26, 2022 6:35 AM
> To: Kinney, Michael D <michael.d.kinney@intel.com>; Pedro Falcato = <pedro.falcato@gmail.com>; devel@edk2.groups.io
> Cc: Vitaly Cheptsov = <vit9696@protonmail.com>; Marvin H=C3=A4user = <mhaeuser@posteo.de>; Gao, Liming <gaoliming@byosoft.com.cn>; Liu,
> = Zhiguang <zhiguang.liu@intel.com>
> Subject: RE: = [PATCH v2 1/1] MdePkg/BaseLib: Fix out-of-bounds reads in = SafeString
>
> That is good catch.
>
> = Reviewed-by: Jiewen Yao <Jiewen.yao@Intel.com>
>=
>
> > -----Original Message-----
> > From: = Kinney, Michael D <michael.d.kinney@intel.com>
> > Sent: = Wednesday, October 26, 2022 12:23 AM
> > To: Pedro Falcato = <pedro.falcato@gmail.com>; devel@edk2.groups.io
> > Cc: Vitaly = Cheptsov <vit9696@protonmail.com>; Marvin = H=C3=A4user
> > <mhaeuser@posteo.de>; Gao, Liming <gaoliming@byosoft.com.cn>; Liu,
> > = Zhiguang <zhiguang.liu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
> > Subject: RE: = [PATCH v2 1/1] MdePkg/BaseLib: Fix out-of-bounds reads in
> > = SafeString
> >
> > Adding Jiewen Yao.
> = >
> > Mike
> >
> > > -----Original = Message-----
> > > From: Pedro Falcato <pedro.falcato@gmail.com>
> > > = Sent: Monday, October 24, 2022 3:43 PM
> > > To: devel@edk2.groups.io
> > > Cc: Pedro = Falcato <pedro.falcato@gmail.com>; Vitaly = Cheptsov
> > <vit9696@protonmail.com>; Marvin H=C3=A4user = <mhaeuser@posteo.de>;
> > > Kinney, = Michael D <michael.d.kinney@intel.com>; Gao, = Liming
> > <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>
> > > = Subject: [PATCH v2 1/1] MdePkg/BaseLib: Fix out-of-bounds reads = in
> > SafeString
> > >
> > > OpenCore = folks established an ASAN-equipped project to fuzz Ext4Dxe,
> > = > which was able to catch these (mostly harmless) issues.
> = > >
> > > Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
> > > Cc: = Vitaly Cheptsov <vit9696@protonmail.com>
> > > Cc: = Marvin H=C3=A4user <mhaeuser@posteo.de>
> > > Cc: = Michael D Kinney <michael.d.kinney@intel.com>
> > > = Cc: Liming Gao <gaoliming@byosoft.com.cn>
> > > Cc: = Zhiguang Liu <zhiguang.liu@intel.com>
> > > = ---
> > >  MdePkg/Library/BaseLib/SafeString.c | 24 = ++++++++++++++++++++----
> > >  1 file changed, 20 = insertions(+), 4 deletions(-)
> > >
> > > diff = --git a/MdePkg/Library/BaseLib/SafeString.c
> > = b/MdePkg/Library/BaseLib/SafeString.c
> > > index = f338a32a3a41..77a2585ad56d 100644
> > > --- = a/MdePkg/Library/BaseLib/SafeString.c
> > > +++ = b/MdePkg/Library/BaseLib/SafeString.c
> > > @@ -863,6 +863,9 = @@ StrHexToUintnS (
> > >    OUT    =    UINTN   *Data
> > >    = )
> > >  {
> > > +  BOOLEAN  = FoundLeadingZero;
> > > +
> > > +  = FoundLeadingZero =3D FALSE;
> > >    ASSERT = (((UINTN)String & BIT0) =3D=3D 0);
> > >
> > = >    //
> > > @@ -893,11 +896,12 @@ = StrHexToUintnS (
> > >    // Ignore leading Zeros = after the spaces
> > >    //
> > = >    while (*String =3D=3D L'0') {
> > > = +    FoundLeadingZero =3D TRUE;
> > >    =   String++;
> > >    }
> > = >
> > >    if (CharToUpper (*String) =3D=3D = L'X') {
> > > -    if (*(String - 1) !=3D L'0') = {
> > > +    if (!FoundLeadingZero) {
> > = >        *Data =3D 0;
> > >  =       return RETURN_SUCCESS;
> > >  =     }
> > > @@ -992,6 +996,9 @@ StrHexToUint64S = (
> > >    OUT      =  UINT64  *Data
> > >    )
> > = >  {
> > > +  BOOLEAN  = FoundLeadingZero;
> > > +
> > > +  = FoundLeadingZero =3D FALSE;
> > >    ASSERT = (((UINTN)String & BIT0) =3D=3D 0);
> > >
> > = >    //
> > > @@ -1022,11 +1029,12 @@ = StrHexToUint64S (
> > >    // Ignore leading Zeros = after the spaces
> > >    //
> > = >    while (*String =3D=3D L'0') {
> > > = +    FoundLeadingZero =3D TRUE;
> > >    =   String++;
> > >    }
> > = >
> > >    if (CharToUpper (*String) =3D=3D = L'X') {
> > > -    if (*(String - 1) !=3D L'0') = {
> > > +    if (!FoundLeadingZero) {
> > = >        *Data =3D 0;
> > >  =       return RETURN_SUCCESS;
> > >  =     }
> > > @@ -2393,6 +2401,9 @@ = AsciiStrHexToUintnS (
> > >    OUT    =    UINTN  *Data
> > >    )
> = > >  {
> > > +  BOOLEAN  = FoundLeadingZero;
> > > +
> > > +  = FoundLeadingZero =3D FALSE;
> > >    //
> = > >    // 1. Neither String nor Data shall be a null = pointer.
> > >    //
> > > @@ -2421,11 = +2432,12 @@ AsciiStrHexToUintnS (
> > >    // = Ignore leading Zeros after the spaces
> > >    = //
> > >    while (*String =3D=3D '0') {
> = > > +    FoundLeadingZero =3D TRUE;
> > = >      String++;
> > >    = }
> > >
> > >    if (AsciiCharToUpper = (*String) =3D=3D 'X') {
> > > -    if (*(String - = 1) !=3D '0') {
> > > +    if (!FoundLeadingZero) = {
> > >        *Data =3D 0;
> > = >        return RETURN_SUCCESS;
> > = >      }
> > > @@ -2517,6 +2529,9 @@ = AsciiStrHexToUint64S (
> > >    OUT    =    UINT64  *Data
> > >    )
> = > >  {
> > > +  BOOLEAN  = FoundLeadingZero;
> > > +
> > > +  = FoundLeadingZero =3D FALSE;
> > >    //
> = > >    // 1. Neither String nor Data shall be a null = pointer.
> > >    //
> > > @@ -2545,11 = +2560,12 @@ AsciiStrHexToUint64S (
> > >    // = Ignore leading Zeros after the spaces
> > >    = //
> > >    while (*String =3D=3D '0') {
> = > > +    FoundLeadingZero =3D TRUE;
> > = >      String++;
> > >    = }
> > >
> > >    if (AsciiCharToUpper = (*String) =3D=3D 'X') {
> > > -    if (*(String - = 1) !=3D '0') {
> > > +    if (!FoundLeadingZero) = {
> > >        *Data =3D 0;
> > = >        return RETURN_SUCCESS;
> > = >      }
> > > --
> > > = 2.38.1



-- =

Pedro = Falcato

------=_NextPart_000_00E0_01D8EF62.C7B17940--