From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from szxga04-in.huawei.com (szxga04-in.huawei.com [45.249.212.190])
 by mx.groups.io with SMTP id smtpd.web12.7105.1618364839557979401
 for <devel@edk2.groups.io>;
 Tue, 13 Apr 2021 18:47:20 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: huawei.com, ip: 45.249.212.190, mailfrom: xiewenyi2@huawei.com)
Received: from DGGEMS413-HUB.china.huawei.com (unknown [172.30.72.58])
	by szxga04-in.huawei.com (SkyGuard) with ESMTP id 4FKlf46Rvrz18JHx;
	Wed, 14 Apr 2021 09:45:00 +0800 (CST)
Received: from HGH1000039998.huawei.com (10.184.68.188) by
 DGGEMS413-HUB.china.huawei.com (10.3.19.213) with Microsoft SMTP Server id
 14.3.498.0; Wed, 14 Apr 2021 09:47:10 +0800
From: "wenyi,xie" <xiewenyi2@huawei.com>
To: <devel@edk2.groups.io>, <jiewen.yao@intel.com>, <jian.j.wang@intel.com>,
	<lersek@redhat.com>
CC: <songdongkuang@huawei.com>, <xiewenyi2@huawei.com>
Subject: [PATCH EDK2 v2 1/1] SecurityPkg/FvReportPei: remove redundant sizeof
Date: Wed, 14 Apr 2021 09:43:50 +0800
Message-ID: <1618364630-26124-2-git-send-email-xiewenyi2@huawei.com>
X-Mailer: git-send-email 2.8.1
In-Reply-To: <1618364630-26124-1-git-send-email-xiewenyi2@huawei.com>
References: <1618364630-26124-1-git-send-email-xiewenyi2@huawei.com>
MIME-Version: 1.0
X-Originating-IP: [10.184.68.188]
X-CFilter-Loop: Reflected
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D3333

In function InstallPreHashFvPpi, when calculating the size
of struct HASH_INFO=EF=BC=8Csizeof is used twice. This bug does
not lead to buffer overflow, "sizeof (HASH_INFO)" is 4,
whereas "sizeof (sizeof (HASH_INFO))" is 4 or 8.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 SecurityPkg/FvReportPei/FvReportPei.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SecurityPkg/FvReportPei/FvReportPei.c b/SecurityPkg/FvReport=
Pei/FvReportPei.c
index d709760ea3ce..e82413e090c0 100644
--- a/SecurityPkg/FvReportPei/FvReportPei.c
+++ b/SecurityPkg/FvReportPei/FvReportPei.c
@@ -67,7 +67,7 @@ InstallPreHashFvPpi (
   HASH_INFO                                         *HashInfo;
=20
   PpiSize =3D sizeof (EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI)
-            + sizeof (sizeof (HASH_INFO))
+            + sizeof (HASH_INFO)
             + HashSize;
=20
   PreHashedFvPpi =3D AllocatePool (PpiSize);
--=20
2.20.1.windows.1