From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by mx.groups.io with SMTP id smtpd.web12.45976.1606181195923042407 for ; Mon, 23 Nov 2020 17:26:37 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: byosoft.com.cn, ip: 58.240.74.242, mailfrom: gaoliming@byosoft.com.cn) Received: from DESKTOPS6D0PVI ([58.246.60.130]) (envelope-sender ) by 192.168.6.13 with ESMTP for ; Tue, 24 Nov 2020 09:26:33 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming" To: "'Kun Qin'" , "'Yao, Jiewen'" , Cc: "'Wang, Jian J'" , "'Lu, XiaoyuX'" , "'Jiang, Guomin'" References: <20201021023228.1884-1-kun.q@outlook.com> ,<017801d6beff$73c708d0$5b551a70$@byosoft.com.cn> , , In-Reply-To: Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIIHYxIDEvMV0gQ3J5cHRvUGtnOiBCYXNlQ3J5cHRMaWI6IEZpeCBidWZmZXIgZG91YmxlIGZyZWUgaW4gQ3J5cHRQa2NzN1ZlcmlmeUVrdQ==?= Date: Tue, 24 Nov 2020 09:26:35 +0800 Message-ID: <022901d6c200$d940f5f0$8bc2e1d0$@byosoft.com.cn> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQLkMfLYb5oyIz28ygMtzxfRzLN82QIvQlwQAcnWPaEC6c/d1wHmBlQYA1vwkj8CjDRV2QI8ml+UAo9cJ/OnH7UrsA== Content-Type: multipart/alternative; boundary="----=_NextPart_000_022A_01D6C243.E765E3A0" Content-Language: zh-cn ------=_NextPart_000_022A_01D6C243.E765E3A0 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Kun: I see the personal PR (https://github.com/tianocore/edk2/pull/1140 ) pass= ed all checks. So, I think there is no issue for this patch.=20 =20 Thanks Liming =B7=A2=BC=FE=C8=CB: Kun Qin =20 =B7=A2=CB=CD=CA=B1=BC=E4: 2020=C4=EA11=D4=C224=C8=D5 6:49 =CA=D5=BC=FE=C8=CB: Yao, Jiewen ; gaoliming ; devel@edk2.groups.io =B3=AD=CB=CD: Wang, Jian J ; Lu, XiaoyuX ; Jiang, Guomin =D6=F7=CC=E2: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix= buffer double free in CryptPkcs7VerifyEku =20 Hi Jiewen, =20 It looks like the v2 patch went through: https://edk2.groups.io/g/devel/message/67823?p=3D,,,20,0,0,0::Created,,dou= ble+ free,20,2,0,78456278 =20 I also ran the CI build against the branch that has this patch, the PR see= ms to be closed after dependency analysis. But edk2 top of master CI build wa= s failing as is. Please let me know how you would like to proceed. =20 Thanks, Kun =20 From: Yao, Jiewen =20 Sent: Sunday, November 22, 2020 17:24 To: Kun Qin ; gaoliming ; devel@edk2.groups.io =20 Cc: Wang, Jian J ; Lu, XiaoyuX ; Jiang, Guomin =20 Subject: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buff= er double free in CryptPkcs7VerifyEku =20 Sure. It seems Liming already approves it. I will wait one more day to see if there is any other objection from the people in different time zone. =20 At mean time, I need your help to double confirm that, this patch can be merged without any CI error. So, please try Pull-Request by yourself and make sure it pass all CI checks. =20 I have some bad experience that CI error occurs finally, which prevent me from committing. Then we have to go back ask original submitter to fix and generate patch again. It may cause delay and miss the timeline. =20 Thank you Yao Jiewen =20 =20 From: Kun Qin >=20 Sent: Monday, November 23, 2020 9:17 AM To: Yao, Jiewen >; gaoliming >; devel@edk2.groups.io =20 Cc: Wang, Jian J >; Lu, XiaoyuX >; Jiang, Guomin > Subject: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buff= er double free in CryptPkcs7VerifyEku =20 Hi Jiewen, =20 It will be great if you could help me merging in this fix. Please let me know if you need anything else from me to have it merged. =20 Thanks, Kun =20 From: Yao, Jiewen =20 Sent: Sunday, November 22, 2020 04:25 To: Kun Qin ; gaoliming ; devel@edk2.groups.io =20 Cc: Wang, Jian J ; Lu, XiaoyuX ; Jiang, Guomin =20 Subject: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buff= er double free in CryptPkcs7VerifyEku =20 I can help to merge if it is approved. =20 I will add reviewed-by tag when I merge it. =20 Thank you Yao Jiewen =20 From: Kun Qin >=20 Sent: Sunday, November 22, 2020 3:10 PM To: gaoliming = >; devel@edk2.groups.io ; Yao, Jiewen > Cc: Wang, Jian J >; Lu, XiaoyuX >; Jiang, Guomin > Subject: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buff= er double free in CryptPkcs7VerifyEku =20 Hi Liming, =20 It will be great if we can get this in. But I have been having trouble sending a v2 patch that incorporates Jiewen=A1=AFs =A1=B0Reviewed-by=A1=B1= tag through git command line for the past week (no other changes). It kept giving me a= n error of "No host provider available to service this request". Please let = me know if you have any suggestions. =20 Thanks, Kun =20 =20 From: gaoliming =20 Sent: Thursday, November 19, 2020 9:39 PM To: devel@edk2.groups.io ; jiewen.yao@intel.com ; 'Kun Qin' =20 Cc: 'Wang, Jian J' ; 'Lu, XiaoyuX' ; 'Jiang, Guomin' =20 Subject: =BB=D8=B8=B4: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib= : Fix buffer double free in CryptPkcs7VerifyEku =20 Kun: This is a bug fix. It passed code review. Do you request to merge it for this stable tag 202011? Thanks Liming > -----=D3=CA=BC=FE=D4=AD=BC=FE----- > =B7=A2=BC=FE=C8=CB: bounce+27952+67567+4905953+8761045@groups.io =20 > > =B4=FA=B1=ED Yao, = Jiewen > =B7=A2=CB=CD=CA=B1=BC=E4: 2020=C4=EA11=D4=C214=C8=D5 8:32 > =CA=D5=BC=FE=C8=CB: Kun Qin >; devel@edk2.groups.io =20 > =B3=AD=CB=CD: Wang, Jian J >; Lu, XiaoyuX > >; Jiang, Guomin >; Yao, > Jiewen > > =D6=F7=CC=E2: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: F= ix buffer > double free in CryptPkcs7VerifyEku >=20 > Sorry, I missed this email. >=20 > Reviewed-by: Jiewen Yao > >=20 >=20 > > -----Original Message----- > > From: Kun Qin > > > Sent: Wednesday, October 21, 2020 10:32 AM > > To: devel@edk2.groups.io =20 > > Cc: Wang, Jian J >; Lu, XiaoyuX > > >; Yao, Jiewen >; Jiang, > > Guomin > > > Subject: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer double fre= e in > > CryptPkcs7VerifyEku > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2459 > > > > SignerCert is part of Pkcs7 instance when both have valid content. OpenSLL > > PKCS7_free function will release the memory of SignerCert when applicable. > > Freeing SignerCert with X509_free again might cause page fault if use- > > after-free guard is enabled. > > > > Cc: Jian J Wang = > > > Cc: Xiaoyu Lu > > > Cc: Jiewen Yao > > > Cc: Guomin Jiang > > > > > Signed-off-by: Kun Qin > > > --- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c | 4 ---- > > 1 file changed, 4 deletions(-) > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c > > index c9fdb65b99d1..40cc39afe7dd 100644 > > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c > > @@ -508,10 +508,6 @@ Exit: > > free (SignedData); > > > > } > > > > > > > > - if (SignerCert !=3D NULL) { > > > > - X509_free (SignerCert); > > > > - } > > > > - > > > > if (Pkcs7 !=3D NULL) { > > > > PKCS7_free (Pkcs7); > > > > } > > > > -- > > 2.28.0.windows.1 >=20 >=20 >=20 >=20 >=20 =20 =20 =20 ------=_NextPart_000_022A_01D6C243.E765E3A0 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable
Kun:

 I see the = personal PR (https://github.com/tianocore/edk2/pull/1140 ) passed all check= s. So, I think there is no issue for this patch.

 

Thanks

Liming

=B7= =A2=BC=FE=C8=CB: Kun Qin <kun.q@outlook.com>
=B7=A2=CB=CD=CA=B1=BC=E4: 2020=C4=EA<= span lang=3DEN-US>11=D4=C224=C8=D5 6:49
=CA=D5=BC=FE=C8=CB:= Yao, Jiewen <jiewen.yao@intel.com>; gaoliming= <gaoliming@byosoft.com.cn>; devel@edk2.groups.io
=B3=AD= = =CB=CD: Wang, Jian J <= jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>; Jiang,= Guomin <guomin.jiang@intel.com>
=D6=F7=CC=E2: RE: [edk2-devel] [PATCH v1 1/1] C= ryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku<= /o:p>

=  

Hi Jiew= en,

 = ;

It looks like the= v2 patch went through: https://edk2.gr= oups.io/g/devel/message/67823?p=3D,,,20,0,0,0::Created,,double+free,20,2,0,= 78456278

<= o:p> 

I also r= an the CI build against the branch that has this patch, the PR seems to be = closed after dependency analysis. But edk2 top of master CI build was faili= ng as is. Please let me know how you would like to proceed.

 

<= p class=3DMsoNormal>Thanks,

Kun

 

From: Yao, Jiewen
Sent: Sunday, Novemb= er 22, 2020 17:24
To: Kun Qi= n; gaoliming; devel@edk2.groups.io
Cc: Wang, Jian J; Lu, XiaoyuX; Jiang, Guomin
Subject: RE: [edk2-devel] [PATCH v1 1/1] = CryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku=

 <= /o:p>

Sure. It seems Limi= ng already approves it.

I will wait one more day to see if there is any other objection f= rom the people in different time zone.

 

<= span lang=3DEN-US>At mean time, I need your help to double confirm that, th= is patch can be merged without any CI error. So, please try Pull-Request by= yourself and make sure it pass all CI checks.

 

I have some bad experience that CI error occurs f= inally, which prevent me from committing. Then we have to go back ask origi= nal submitter to fix and generate patch again. It may cause delay and miss = the timeline.

=  

Thank y= ou

Yao Jiewen<= o:p>

 

 

From= : Kun Qin <kun.q@outlook.com>
Sent: Monday, November 23, 2020 = 9:17 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; gaoliming <gaoliming@byosoft.com.cn>; devel@edk2.groups.io
Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xia= oyuX <xiaoyux.lu@intel.com&g= t;; Jiang, Guomin <guomin.jian= g@intel.com>
Subject: RE: [edk2-devel] [PATCH v1 1/1] Cryp= toPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku

 = ;

Hi Jiewen,

 

It will be great if you cou= ld help me merging in this fix. Please let me know if you need anything els= e from me to have it merged.

 

Thanks,

Kun

&= nbsp;

F= rom: = Yao, Jiewen
Sent: Sunday, November 22, 2020 04:25
To: <= /b>Kun Qin; gaoliming; devel@edk2.groups.io
Cc: Wang, Jian J; Lu, Xiaoyu= X; Jiang, Guomin
Su= bject: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buf= fer double free in CryptPkcs7VerifyEku

 

I can help to merge if it is approved.=

 =

I will add reviewed-by tag when= I merge it.

<= o:p> 

Thank yo= u

Yao Jiewen

 

From: Kun Qin <kun.q@outlook.com>
Sent: Sunday, November 22,= 2020 3:10 PM
To: gaoliming <gaoliming@byosoft.com.cn>; devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>
Cc: Wang, Jian J &l= t;jian.j.wang@intel.com>; L= u, XiaoyuX <xiaoyux.lu@intel.com= >; Jiang, Guomin <guomi= n.jiang@intel.com>
Subject: RE: [edk2-devel] [PATCH v1 1/1= ] CryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku

 

Hi Liming,<= o:p>

 

It will be great if w= e can get this in. But I have been having trouble sending a v2 patch that i= ncorporates Jiewen=A1=AFs =A1=B0Reviewed-by=A1=B1 tag through git command l= ine for the past week (no other changes). It kept giving me an error of &qu= ot;No host provider available to service this request". Please let me = know if you have any suggestions.

 

Thanks,

Kun

=  

&n= bsp;

Fr= om: gaoliming
Sent: Thursday, November 19, 2020 9:39 PM
= To: devel@edk2.groups.io; <= a href=3D"mailto:jiewen.yao@intel.com">jiewen.yao@intel.com; 'Kun Qin'
Cc: 'Wang, Jian J'; 'Lu, XiaoyuX'; 'Jiang, = Guomin'
Subject: =BB=D8=B8=B4: [edk2-devel] [PATCH v1 1/1] C= ryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku<= /o:p>

 

Kun:
 This is a bug fix. It passed code review. Do you r= equest to merge it for
this stable tag 202011?

Thanks
Liming> -----=D3=CA=BC=FE=D4=AD=BC=FE-----
> <= /span>=B7= = =A2=BC=FE=C8=CB: bounce+27952+67567+4905953+8761045@groups.= io
> <bounce+27952+67567+4905953+8761045@groups.io> =B4=FA=B1=ED Yao, Jiewen
> =B7=A2=CB=CD=CA=B1=BC=E4: 2020=C4=EA11=D4=C214=C8=D5 8:32
> =CA=D5=BC=FE=C8=CB= : Kun Qin <kun.q@outlook.com>; devel@= edk2.groups.io
> =B3=AD=CB=CD: Wang, Ji= an J <jian.j.wang@intel.com= >; Lu, XiaoyuX
> <xiaoy= ux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Yao,
> Jiewen <jiewen.yao@intel.com>
> =D6=F7= = =CC=E2: Re: [edk2-devel] [PATCH v1 1/1] CryptoPk= g: BaseCryptLib: Fix buffer
> double free in CryptPkcs7VerifyEku
&= gt;
> Sorry, I missed this email.
>
> Reviewed-by: Jiew= en Yao <Jiewen.yao@intel.com= >
>
>
> > -----Original Message-----
> >= From: Kun Qin <kun.q@outlook.com>
> > Sent: Wednesday, October 21, 2020 10:32 AM
> >= To: devel@edk2.groups.io
&g= t; > Cc: Wang, Jian J <jian.= j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Jiang,
&= gt; > Guomin <guomin.jiang@= intel.com>
> > Subject: [PATCH v1 1/1] CryptoPkg: BaseCrypt= Lib: Fix buffer double free
in
> > CryptPkcs7VerifyEku
> = >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2459
= > >
> > SignerCert is part of Pkcs7 instance when both have = valid content.
OpenSLL
> > PKCS7_free function will release the= memory of SignerCert when
applicable.
> > Freeing SignerCert w= ith X509_free again might cause page fault if use-
> > after-free = guard is enabled.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc= : Xiaoyu Lu <xiaoyux.lu@intel.co= m>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Guomin Jiang <guomin.jiang@intel.com>
>= >
> > Signed-off-by: Kun Qin <kun.q@outlook.com>
> > ---
> >  Crypt= oPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c | 4 ----
> >&nb= sp; 1 file changed, 4 deletions(-)
> >
> > diff --git a/C= ryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> > b/Crypt= oPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> > index c9fdb= 65b99d1..40cc39afe7dd 100644
> > --- a/CryptoPkg/Library/BaseCrypt= Lib/Pk/CryptPkcs7VerifyEku.c
> > +++ b/CryptoPkg/Library/BaseCrypt= Lib/Pk/CryptPkcs7VerifyEku.c
> > @@ -508,10 +508,6 @@ Exit:
>= ; >      free (SignedData);
> >
>= ; >    }
> >
> >
> >
> &= gt; -  if (SignerCert !=3D NULL) {
> >
> > - &n= bsp;  X509_free (SignerCert);
> >
> > -  }
&= gt; >
> > -
> >
> >    if (Pkc= s7 !=3D NULL) {
> >
> >      PKC= S7_free (Pkcs7);
> >
> >    }
> >=
> > --
> > 2.28.0.windows.1
>
>
> >
>

 

 

 

------=_NextPart_000_022A_01D6C243.E765E3A0--