From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from walk.intel-email.com (walk.intel-email.com [101.227.64.242])
 by mx.groups.io with SMTP id smtpd.web11.1682.1668561781599116490
 for <devel@edk2.groups.io>;
 Tue, 15 Nov 2022 17:23:02 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@byosoft.com.cn header.s=cloud-union header.b=ZKULo5/u;
 spf=pass (domain: byosoft.com.cn, ip: 101.227.64.242, mailfrom: gaoliming@byosoft.com.cn)
Received: from walk.intel-email.com (localhost [127.0.0.1])
	by walk.intel-email.com (Postfix) with ESMTP id 63B1ACD1F6C8
	for <devel@edk2.groups.io>; Wed, 16 Nov 2022 09:22:58 +0800 (CST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=byosoft.com.cn;
	s=cloud-union; t=1668561778;
	bh=YqNbiNy1FByPaY6UA0qhXop137wjAnK3XDyqKwrV7Sw=;
	h=From:To:Cc:References:In-Reply-To:Subject:Date;
	b=ZKULo5/uA1OXCbiY7mQwYeFWNRmNak646RrkCFiwkKDx6plFNjcAKD87jIVllbrko
	 rZfUz9bMuektwtLIYiOiRY0gbXg+R65JpG5PZgEGAZ8Q31d9UGFqcL3qhRY+/HrW21
	 VhMMXvQk+bsX0p+xFez01FLjipX9XcOcgRPAHZgw=
Received: from localhost (localhost [127.0.0.1])
	by walk.intel-email.com (Postfix) with ESMTP id 5F2FDCD1F6C3
	for <devel@edk2.groups.io>; Wed, 16 Nov 2022 09:22:58 +0800 (CST)
Received: from walk.intel-email.com (localhost [127.0.0.1])
	by walk.intel-email.com (Postfix) with ESMTP id 2DCB2CD1F699
	for <devel@edk2.groups.io>; Wed, 16 Nov 2022 09:22:58 +0800 (CST)
Authentication-Results: walk.intel-email.com; none
Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242])
	by walk.intel-email.com (Postfix) with SMTP id B64F4CD1F6B0
	for <devel@edk2.groups.io>; Wed, 16 Nov 2022 09:22:55 +0800 (CST)
Received: from DESKTOPS6D0PVI ([58.246.60.130])
	(envelope-sender <gaoliming@byosoft.com.cn>)
	by 192.168.6.13 with ESMTP
	for <bob.c.feng@intel.com>; Wed, 16 Nov 2022 09:22:53 +0800
X-WM-Sender: gaoliming@byosoft.com.cn
X-Originating-IP: 58.246.60.130
X-WM-AuthFlag: YES
X-WM-AuthUser: gaoliming@byosoft.com.cn
From: "gaoliming" <gaoliming@byosoft.com.cn>
To: "'Michael Kubacki'" <mikuback@linux.microsoft.com>,
	<devel@edk2.groups.io>
Cc: "'Bob Feng'" <bob.c.feng@intel.com>,
	"'Dandan Bi'" <dandan.bi@intel.com>,
	"'Eric Dong'" <eric.dong@intel.com>,
	"'Erich McMillan'" <emcmillan@microsoft.com>,
	"'Guomin Jiang'" <guomin.jiang@intel.com>,
	"'Jian J Wang'" <jian.j.wang@intel.com>,
	"'Jiaxin Wu'" <jiaxin.wu@intel.com>,
	"'Jiewen Yao'" <jiewen.yao@intel.com>,
	"'Maciej Rabeda'" <maciej.rabeda@linux.intel.com>,
	"'Michael D Kinney'" <michael.d.kinney@intel.com>,
	"'Rahul Kumar'" <rahul1.kumar@intel.com>,
	"'Ray Ni'" <ray.ni@intel.com>,
	"'Sean Brogan'" <sean.brogan@microsoft.com>,
	"'Siyuan Fu'" <siyuan.fu@intel.com>,
	"'Star Zeng'" <star.zeng@intel.com>,
	"'Xiaoyu Lu'" <xiaoyu1.lu@intel.com>,
	"'Yuwei Chen'" <yuwei.chen@intel.com>,
	"'Zhichao Gao'" <zhichao.gao@intel.com>,
	"'Zhiguang Liu'" <zhiguang.liu@intel.com>
References: <1725FAF86F85AB12.8194@groups.io> <a1b17e67-d2f3-6cb1-78ae-69a2359eb07e@linux.microsoft.com>
In-Reply-To: <a1b17e67-d2f3-6cb1-78ae-69a2359eb07e@linux.microsoft.com>
Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIIHYxIDAwLzEyXSBFbmFibGUgTmV3IENvZGVRTCBRdWVyaWVz?=
Date: Wed, 16 Nov 2022 09:22:54 +0800
Message-ID: <01f901d8f959$f3b83190$db2894b0$@byosoft.com.cn>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQJVNRdbmFKJqyBBydcNTNPuYiE4BALYWTFdrTGGigA=
Sender: "gaoliming" <gaoliming@byosoft.com.cn>
Content-Type: text/plain;
	charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: zh-cn

Michael:
  For BaseTools, MdePkg, and MdeModulePkg, the changes are good to me. =
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

Thanks
Liming
> -----=E9=82=AE=E4=BB=B6=E5=8E=9F=E4=BB=B6-----
> =E5=8F=91=E4=BB=B6=E4=BA=BA: Michael Kubacki =
<mikuback@linux.microsoft.com>
> =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: =
2022=E5=B9=B411=E6=9C=8815=E6=97=A5 23:00
> =E6=94=B6=E4=BB=B6=E4=BA=BA: devel@edk2.groups.io
> =E6=8A=84=E9=80=81: Bob Feng <bob.c.feng@intel.com>; Dandan Bi =
<dandan.bi@intel.com>;
> Eric Dong <eric.dong@intel.com>; Erich McMillan
> <emcmillan@microsoft.com>; Guomin Jiang <guomin.jiang@intel.com>; Jian =
J
> Wang <jian.j.wang@intel.com>; Jiaxin Wu <jiaxin.wu@intel.com>; Jiewen =
Yao
> <jiewen.yao@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Maciej
> Rabeda <maciej.rabeda@linux.intel.com>; Michael D Kinney
> <michael.d.kinney@intel.com>; Rahul Kumar <rahul1.kumar@intel.com>;
> Ray Ni <ray.ni@intel.com>; Sean Brogan <sean.brogan@microsoft.com>;
> Siyuan Fu <siyuan.fu@intel.com>; Star Zeng <star.zeng@intel.com>; =
Xiaoyu Lu
> <xiaoyu1.lu@intel.com>; Yuwei Chen <yuwei.chen@intel.com>; Zhichao Gao
> <zhichao.gao@intel.com>; Zhiguang Liu <zhiguang.liu@intel.com>
> =E4=B8=BB=E9=A2=98: Re: [edk2-devel] [PATCH v1 00/12] Enable New =
CodeQL Queries
>=20
> Maintainers/reviewers,
>=20
> This is an important series for us to make progress on enabling CodeQL
> and needs cooperation from maintainers across several packages.
>=20
> I have not received any feedback yet.
>=20
> Most of these patches should not take long to review. Please help =
review
> your patches so we can continue forward momentum on enabling code
> scanning in the repo.
>=20
> Thanks,
> Michael
>=20
> On 11/9/2022 12:32 PM, Michael Kubacki wrote:
> > From: Michael Kubacki <michael.kubacki@microsoft.com>
> >
> > Adds queries for the following:
> >
> > 1. cpp/conditionallyuninitializedvariable
> > 2. cpp/pointer-overflow-check
> > 3. cpp/overrunning-write
> > 4. cpp/overrunning-write-with-float
> > 5. cpp/very-likely-overrunning-write
> >
> > These check for vulnerabilities with the following CWEs:
> >
> >    - https://cwe.mitre.org/data/definitions/120.html
> >    - https://cwe.mitre.org/data/definitions/457.html
> >    - https://cwe.mitre.org/data/definitions/676.html
> >    - https://cwe.mitre.org/data/definitions/758.html
> >    - https://cwe.mitre.org/data/definitions/787.html
> >    - https://cwe.mitre.org/data/definitions/805.html
> >
> > The first part of this patch series contains fixes for CodeQL alerts
> > across various packages that are produced by the new queries being
> > enabled.
> >
> > The second part updates the CodeQL queries.
> >
> > Cc: Bob Feng <bob.c.feng@intel.com>
> > Cc: Dandan Bi <dandan.bi@intel.com>
> > Cc: Eric Dong <eric.dong@intel.com>
> > Cc: Erich McMillan <emcmillan@microsoft.com>
> > Cc: Guomin Jiang <guomin.jiang@intel.com>
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Liming Gao <gaoliming@byosoft.com.cn>
> > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Michael Kubacki <mikuback@linux.microsoft.com>
> > Cc: Rahul Kumar <rahul1.kumar@intel.com>
> > Cc: Ray Ni <ray.ni@intel.com>
> > Cc: Sean Brogan <sean.brogan@microsoft.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Cc: Star Zeng <star.zeng@intel.com>
> > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> > Cc: Yuwei Chen <yuwei.chen@intel.com>
> > Cc: Zhichao Gao <zhichao.gao@intel.com>
> > Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> > Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
> >
> > Erich McMillan (1):
> >    MdeModulePkg/SmbiosDxe: Fix pointer and buffer overflow CodeQL
> alerts
> >
> > Michael Kubacki (11):
> >    BaseTools/PatchCheck.py: Add PCCTS to tab exemption list
> >    BaseTools/VfrCompile: Fix potential buffer overwrites
> >    CryptoPkg: Fix conditionally uninitialized variable
> >    MdeModulePkg: Fix conditionally uninitialized variables
> >    MdePkg: Fix conditionally uninitialized variables
> >    NetworkPkg: Fix conditionally uninitialized variables
> >    PcAtChipsetPkg: Fix conditionally uninitialized variables
> >    ShellPkg: Fix conditionally uninitialized variables
> >    UefiCpuPkg: Fix conditionally uninitialized variables
> >    .github/codeql/edk2.qls: Enable CWE 457, 676, and 758 queries
> >    .github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries
> >
> >   BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c               |
> 10 ++--
> >   BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c              |
> 4 +-
> >   CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c                 |
> 21 ++++----
> >   MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c
> |  5 +-
> >   MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c
> | 24 +++++----
> >   MdeModulePkg/Core/Dxe/Mem/Page.c
> | 17 +++---
> >   MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c |
> 25 +++++----
> >   MdeModulePkg/Library/FileExplorerLib/FileExplorer.c           |  5
> +-
> >   MdeModulePkg/Universal/BdsDxe/BdsEntry.c
> | 33 ++++++------
> >   MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c      |
> 11 ++--
> >   MdeModulePkg/Universal/HiiDatabaseDxe/Font.c
> | 14 +++--
> >   MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c
> |  4 +-
> >   MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c         |
> 2 +-
> >   MdePkg/Library/BaseLib/String.c
> | 20 ++++---
> >   NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c                    |
> 2 +-
> >   NetworkPkg/TcpDxe/TcpInput.c
> |  3 ++
> >   PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c            |
> 9 ++--
> >   ShellPkg/Application/Shell/Shell.c                            |
> 2 +-
> >   ShellPkg/Application/Shell/ShellProtocol.c                    |  4
> +-
> >   ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c    |
> 56 +++++++++++---------
> >   ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c            |
> 18 ++++---
> >   ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c   |
> 9 ++--
> >   ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c        | 14
> ++---
> >   ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c     | 17
> +++---
> >   ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c        | 21
> ++++----
> >   UefiCpuPkg/CpuMpPei/CpuBist.c
> |  8 ++-
> >   UefiCpuPkg/CpuMpPei/CpuMpPei.c
> |  8 ++-
> >   UefiCpuPkg/CpuMpPei/CpuPaging.c
> |  9 +++-
> >   .github/codeql/edk2.qls
> | 10 ++++
> >   BaseTools/Scripts/PatchCheck.py
> |  4 +-
> >   MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf
> |  1 +
> >   31 files changed, 238 insertions(+), 152 deletions(-)
> >