From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from huawei.com (huawei.com [45.249.212.35])
 by mx.groups.io with SMTP id smtpd.web12.9714.1597216151274157918
 for <devel@edk2.groups.io>;
 Wed, 12 Aug 2020 00:09:12 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: huawei.com, ip: 45.249.212.35, mailfrom: xiewenyi2@huawei.com)
Received: from DGGEMS406-HUB.china.huawei.com (unknown [172.30.72.58])
	by Forcepoint Email with ESMTP id 02BF5F53E91EFC7D6E87
	for <devel@edk2.groups.io>; Wed, 12 Aug 2020 15:09:06 +0800 (CST)
Received: from HGH1000039998.huawei.com (10.184.68.188) by
 DGGEMS406-HUB.china.huawei.com (10.3.19.206) with Microsoft SMTP Server id
 14.3.487.0; Wed, 12 Aug 2020 15:08:55 +0800
From: "wenyi,xie" <xiewenyi2@huawei.com>
To: <devel@edk2.groups.io>, <jiewen.yao@intel.com>, <jian.j.wang@intel.com>,
	<chao.b.zhang@intel.com>
CC: <huangming23@huawei.com>, <songdongkuang@huawei.com>
Subject: [PATCH EDK2 v1 0/1] Enhanced verification of Offset(CVE-2019-14562)
Date: Wed, 12 Aug 2020 15:04:45 +0800
Message-ID: <1597215886-48713-1-git-send-email-xiewenyi2@huawei.com>
X-Mailer: git-send-email 2.8.1
MIME-Version: 1.0
X-Originating-IP: [10.184.68.188]
X-CFilter-Loop: Reflected
Content-Type: text/plain

Main Changes:
1.check offset inbetween VirtualAddress and VirtualAddress + Size.
2.Using SafeintLib to do offset addition with result check.

Code can also be found in github:
https://github.com/leadsama/edk2.git
branch: bug-2215-v1

Wenyi Xie (1):
  SecurityPkg/DxeImageVerificationLib:Enhanced verification of
    Offset(CVE-2019-14562)

 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf |  1 +
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h   |  1 +
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c   | 21 +++++++++++++++-----
 3 files changed, 18 insertions(+), 5 deletions(-)

-- 
2.20.1.windows.1