From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+114469+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id C18CFAC1BE5
	for <rebecca@openfw.io>; Thu, 25 Jan 2024 23:06:37 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=cuDX5ZUfua1tcfNVWZCs7NpMDXYrucJSeIiJXYGHQ4o=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1706223996; v=1;
 b=VIFpOddrOFixu+HoX/Dr93febO643mocbSZc88+PssMGhxNVtYaGd1iIhSJfiCBizUybh24l
 2PgxmmCStTwnulrURJIuTqI9sYBvh8zeLMUHVdVnG06MIKErpn5L6AETGs5HP9+uJ2pQcScZbbC
 5tX3NfeL7wHShScjg4nMCvNQ=
X-Received: by 127.0.0.2 with SMTP id jlQcYY7687511xR29HcwcWXj; Thu, 25 Jan 2024 15:06:36 -0800
X-Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169])
 by mx.groups.io with SMTP id smtpd.web11.783.1706223994172159769
 for <devel@edk2.groups.io>;
 Thu, 25 Jan 2024 15:06:34 -0800
X-Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1d7859efea5so2165295ad.0
        for <devel@edk2.groups.io>; Thu, 25 Jan 2024 15:06:34 -0800 (PST)
X-Gm-Message-State: Rqm2c1N5dDc6h2UwSfTNnlPix7686176AA=
X-Google-Smtp-Source: AGHT+IGMW6+4JH3JRCvSFUWvuxLomPXcFebJAk1X2fcMzJAax+TEtM3ALF0TuFNOVzUatA1z8WqDFQ==
X-Received: by 2002:a17:903:1c3:b0:1d7:2817:a63a with SMTP id e3-20020a17090301c300b001d72817a63amr476150plh.19.1706223993220;
        Thu, 25 Jan 2024 15:06:33 -0800 (PST)
X-Received: from localhost.localdomain ([24.17.138.83])
        by smtp.gmail.com with ESMTPSA id jh1-20020a170903328100b001d752c4f180sm16779plb.94.2024.01.25.15.06.32
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 25 Jan 2024 15:06:32 -0800 (PST)
From: "Doug Flick via groups.io" <dougflick=microsoft.com@groups.io>
To: devel@edk2.groups.io
Cc: Doug Flick <dougflick@microsoft.com>,
	Saloni Kasbekar <saloni.kasbekar@intel.com>,
	Zachary Clark-williams <zachary.clark-williams@intel.com>,
	"Doug Flick [MSFT]" <doug.edk2@gmail.com>
Subject: [edk2-devel] [PATCH v2 07/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Unit Tests
Date: Thu, 25 Jan 2024 13:54:49 -0800
Message-ID: <0e584109537f3cea0b6393d598a69c61dc6912a5.1706219324.git.doug.edk2@gmail.com>
In-Reply-To: <cover.1706219324.git.doug.edk2@gmail.com>
References: <cover.1706219324.git.doug.edk2@gmail.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,dougflick@microsoft.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=VIFpOddr;
	dmarc=none;
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

From: Doug Flick <dougflick@microsoft.com>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D4536

Validates that the patch for...

Out-of-bounds read when handling a ND Redirect message with truncated
options

.. has been fixed

Tests the following function to ensure that an out of bounds read does
not occur
Ip6OptionValidation

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
---
 NetworkPkg/Test/NetworkPkgHostTest.dsc        |   1 +
 .../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf    |  42 ++++++
 .../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp    |  20 +++
 .../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp | 129 ++++++++++++++++++
 4 files changed, 192 insertions(+)
 create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
 create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
 create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp

diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/Netwo=
rkPkgHostTest.dsc
index 24dee654df2e..7fa7b0f9d5be 100644
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
@@ -26,6 +26,7 @@ [Components]
   # Build HOST_APPLICATION that tests NetworkPkg=0D
   #=0D
   NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf=0D
+  NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf=0D
 =0D
 # Despite these library classes being listed in [LibraryClasses] below, th=
ey are not needed for the host-based unit tests.=0D
 [LibraryClasses]=0D
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf b/NetworkPkg=
/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
new file mode 100644
index 000000000000..6e4de0745fb5
--- /dev/null
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
@@ -0,0 +1,42 @@
+## @file=0D
+# Unit test suite for the Ip6Dxe using Google Test=0D
+#=0D
+# Copyright (c) Microsoft Corporation.<BR>=0D
+# SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+##=0D
+[Defines]=0D
+  INF_VERSION         =3D 0x00010017=0D
+  BASE_NAME           =3D Ip6DxeUnitTest=0D
+  FILE_GUID           =3D 4F05D17D-D3E7-4AAE-820C-576D46D2D34A=0D
+  VERSION_STRING      =3D 1.0=0D
+  MODULE_TYPE         =3D HOST_APPLICATION=0D
+#=0D
+# The following information is for reference only and not required by the =
build tools.=0D
+#=0D
+#  VALID_ARCHITECTURES           =3D IA32 X64 AARCH64=0D
+#=0D
+[Sources]=0D
+  Ip6DxeGoogleTest.cpp=0D
+  Ip6OptionGoogleTest.cpp=0D
+  ../Ip6Option.c=0D
+=0D
+[Packages]=0D
+  MdePkg/MdePkg.dec=0D
+  MdeModulePkg/MdeModulePkg.dec=0D
+  UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec=0D
+  NetworkPkg/NetworkPkg.dec=0D
+=0D
+[LibraryClasses]=0D
+  GoogleTestLib=0D
+  DebugLib=0D
+  NetLib=0D
+  PcdLib=0D
+=0D
+[Protocols]=0D
+  gEfiDhcp6ServiceBindingProtocolGuid=0D
+=0D
+[Pcd]=0D
+  gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType=0D
+=0D
+[Guids]=0D
+  gZeroGuid=0D
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp b/NetworkPkg=
/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
new file mode 100644
index 000000000000..6ebfd5fdfb70
--- /dev/null
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.cpp
@@ -0,0 +1,20 @@
+/** @file=0D
+  Acts as the main entry point for the tests for the Ip6Dxe module.=0D
+=0D
+  Copyright (c) Microsoft Corporation=0D
+  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+**/=0D
+#include <gtest/gtest.h>=0D
+=0D
+//////////////////////////////////////////////////////////////////////////=
//////=0D
+// Run the tests=0D
+//////////////////////////////////////////////////////////////////////////=
//////=0D
+int=0D
+main (=0D
+  int   argc,=0D
+  char  *argv[]=0D
+  )=0D
+{=0D
+  testing::InitGoogleTest (&argc, argv);=0D
+  return RUN_ALL_TESTS ();=0D
+}=0D
diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp b/Network=
Pkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
new file mode 100644
index 000000000000..f2cd90e1a952
--- /dev/null
+++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp
@@ -0,0 +1,129 @@
+/** @file=0D
+  Tests for Ip6Option.c.=0D
+=0D
+  Copyright (c) Microsoft Corporation=0D
+  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
+**/=0D
+#include <gtest/gtest.h>=0D
+=0D
+extern "C" {=0D
+  #include <Uefi.h>=0D
+  #include <Library/BaseLib.h>=0D
+  #include <Library/DebugLib.h>=0D
+  #include "../Ip6Impl.h"=0D
+  #include "../Ip6Option.h"=0D
+}=0D
+=0D
+/////////////////////////////////////////////////////////////////////////=
=0D
+// Defines=0D
+///////////////////////////////////////////////////////////////////////=0D
+=0D
+#define IP6_PREFIX_INFO_OPTION_DATA_LEN    32=0D
+#define OPTION_HEADER_IP6_PREFIX_DATA_LEN  (sizeof (IP6_OPTION_HEADER) + I=
P6_PREFIX_INFO_OPTION_DATA_LEN)=0D
+=0D
+////////////////////////////////////////////////////////////////////////=0D
+// Symbol Definitions=0D
+// These functions are not directly under test - but required to compile=0D
+////////////////////////////////////////////////////////////////////////=0D
+UINT32  mIp6Id;=0D
+=0D
+EFI_STATUS=0D
+Ip6SendIcmpError (=0D
+  IN IP6_SERVICE       *IpSb,=0D
+  IN NET_BUF           *Packet,=0D
+  IN EFI_IPv6_ADDRESS  *SourceAddress       OPTIONAL,=0D
+  IN EFI_IPv6_ADDRESS  *DestinationAddress,=0D
+  IN UINT8             Type,=0D
+  IN UINT8             Code,=0D
+  IN UINT32            *Pointer             OPTIONAL=0D
+  )=0D
+{=0D
+  // ..=0D
+  return EFI_SUCCESS;=0D
+}=0D
+=0D
+////////////////////////////////////////////////////////////////////////=0D
+// Ip6OptionValidation Tests=0D
+////////////////////////////////////////////////////////////////////////=0D
+=0D
+// Define a fixture for your tests if needed=0D
+class Ip6OptionValidationTest : public ::testing::Test {=0D
+protected:=0D
+  // Add any setup code if needed=0D
+  virtual void=0D
+  SetUp (=0D
+    )=0D
+  {=0D
+    // Initialize any resources or variables=0D
+  }=0D
+=0D
+  // Add any cleanup code if needed=0D
+  virtual void=0D
+  TearDown (=0D
+    )=0D
+  {=0D
+    // Clean up any resources or variables=0D
+  }=0D
+};=0D
+=0D
+// Test Description:=0D
+// Null option should return false=0D
+TEST_F (Ip6OptionValidationTest, NullOptionShouldReturnFalse) {=0D
+  UINT8   *option   =3D nullptr;=0D
+  UINT16  optionLen =3D 10; // Provide a suitable length=0D
+=0D
+  EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));=0D
+}=0D
+=0D
+// Test Description:=0D
+// Truncated option should return false=0D
+TEST_F (Ip6OptionValidationTest, TruncatedOptionShouldReturnFalse) {=0D
+  UINT8   option[]  =3D { 0x01 }; // Provide a truncated option=0D
+  UINT16  optionLen =3D 1;=0D
+=0D
+  EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));=0D
+}=0D
+=0D
+// Test Description:=0D
+// Ip6OptionPrefixInfo Option with zero length should return false=0D
+TEST_F (Ip6OptionValidationTest, OptionWithZeroLengthShouldReturnFalse) {=
=0D
+  IP6_OPTION_HEADER  optionHeader;=0D
+=0D
+  optionHeader.Type   =3D Ip6OptionPrefixInfo;=0D
+  optionHeader.Length =3D 0;=0D
+  UINT8  option[sizeof (IP6_OPTION_HEADER)];=0D
+=0D
+  CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));=0D
+  UINT16  optionLen =3D sizeof (IP6_OPTION_HEADER);=0D
+=0D
+  EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));=0D
+}=0D
+=0D
+// Test Description:=0D
+// Ip6OptionPrefixInfo Option with valid length should return true=0D
+TEST_F (Ip6OptionValidationTest, ValidPrefixInfoOptionShouldReturnTrue) {=
=0D
+  IP6_OPTION_HEADER  optionHeader;=0D
+=0D
+  optionHeader.Type   =3D Ip6OptionPrefixInfo;=0D
+  optionHeader.Length =3D 4; // Length 4 * 8 =3D 32=0D
+  UINT8  option[OPTION_HEADER_IP6_PREFIX_DATA_LEN];=0D
+=0D
+  CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));=0D
+=0D
+  EXPECT_TRUE (Ip6IsNDOptionValid (option, IP6_PREFIX_INFO_OPTION_DATA_LEN=
));=0D
+}=0D
+=0D
+// Test Description:=0D
+// Ip6OptionPrefixInfo Option with invalid length should return false=0D
+TEST_F (Ip6OptionValidationTest, InvalidPrefixInfoOptionLengthShouldReturn=
False) {=0D
+  IP6_OPTION_HEADER  optionHeader;=0D
+=0D
+  optionHeader.Type   =3D Ip6OptionPrefixInfo;=0D
+  optionHeader.Length =3D 3; // Length 3 * 8 =3D 24 (Invalid)=0D
+  UINT8  option[sizeof (IP6_OPTION_HEADER)];=0D
+=0D
+  CopyMem (option, &optionHeader, sizeof (IP6_OPTION_HEADER));=0D
+  UINT16  optionLen =3D sizeof (IP6_OPTION_HEADER);=0D
+=0D
+  EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen));=0D
+}=0D
--=20
2.43.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#114469): https://edk2.groups.io/g/devel/message/114469
Mute This Topic: https://groups.io/mt/103964982/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-