From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <heyi.guo@linaro.org>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2607:f8b0:400e:c05::231; helo=mail-pg0-x231.google.com;
 envelope-from=heyi.guo@linaro.org; receiver=edk2-devel@lists.01.org 
Received: from mail-pg0-x231.google.com (mail-pg0-x231.google.com
 [IPv6:2607:f8b0:400e:c05::231])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 2E8CA221EA0A5
 for <edk2-devel@lists.01.org>; Thu,  7 Dec 2017 17:59:55 -0800 (PST)
Received: by mail-pg0-x231.google.com with SMTP id g7so5816091pgs.0
 for <edk2-devel@lists.01.org>; Thu, 07 Dec 2017 18:04:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=from:date:to:cc:subject:message-id:references:mime-version
 :content-disposition:content-transfer-encoding:in-reply-to
 :user-agent; bh=TYop1f7lOFUCb/rZG8Xpj/Q4fPvdrO87WWaH9IfdLlw=;
 b=YueAfcsfptkCOkjnTQYCy1scS42r21yyf/CqKIT4XIuvFfsr/3BcQOf+CduNb6hd4d
 /OEQ6K5yqGyZwQzeR/pIcT/YDWEzOFftO4W8dw+OZGAL3bEw0dHbm3LaH5TWYcy0Ikms
 xWURnnPBYZHNOqMdSfBMukkaF9BtMHprhxhR4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:date:to:cc:subject:message-id:references
 :mime-version:content-disposition:content-transfer-encoding
 :in-reply-to:user-agent;
 bh=TYop1f7lOFUCb/rZG8Xpj/Q4fPvdrO87WWaH9IfdLlw=;
 b=jepgTugHYPt2riYBjhTOldtrt6MuhGhkWWRLb5L1epArmtg5ZjfXvuF31hz7VVG6VG
 q867pxirVSMiDUpl5Tj2nNSR7AKIY5LsQfvw5SHAJJWScaSv8gVAbmt2+lpyV3Jun93B
 qu3Ty0r9GR966iblXw/1a6nDSLje22Bs5ekp1/p0h4mmZ1C2rkPWlVxMjqI3AXc5PMdb
 fGMTewA5AQAoSwsJ+cx9ichE6Qz/rYjOSsmyt+fLoJWuhEgirpPx8tjn9t94HXUEzlPi
 3Dhz6AScLD1ocGo6h147qG04C8g3DoqW8Ioo5BWwzZsoksHFt8B0e0HyizeCg2WKEQea
 tUAQ==
X-Gm-Message-State: AJaThX4PEYMn7gqxLpor/6qknCZocm7fRc+8qPuiRY/xJ8BnR/NipVKL
 l61a6OZ7JtheGMG/bJPCK/DdAg==
X-Google-Smtp-Source: AGs4zMYnOtU38nmO1Tfpa2LfzrC2PPYy19JUU5Rqk34UFXHPirpohMw/gyr10XHGrV0B1cbCyIvdjA==
X-Received: by 10.99.117.87 with SMTP id f23mr26697884pgn.133.1512698669282;
 Thu, 07 Dec 2017 18:04:29 -0800 (PST)
Received: from SZX1000114654 ([45.56.152.117])
 by smtp.gmail.com with ESMTPSA id a78sm11430051pfl.155.2017.12.07.18.04.26
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Thu, 07 Dec 2017 18:04:28 -0800 (PST)
From: Guo Heyi <heyi.guo@linaro.org>
X-Google-Original-From: Guo Heyi <g00179230@SZX1000114654>
Date: Fri, 8 Dec 2017 10:04:20 +0800
To: "Wu, Jiaxin" <jiaxin.wu@intel.com>
Cc: Heyi Guo <heyi.guo@linaro.org>,
 "linaro-uefi@lists.linaro.org" <linaro-uefi@lists.linaro.org>,
 "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>,
 "Fu, Siyuan" <siyuan.fu@intel.com>, Junbiao Hong <hongjunbiao@huawei.com>,
 "Zeng, Star" <star.zeng@intel.com>, "Dong, Eric" <eric.dong@intel.com>,
 "Ni, Ruiyu" <ruiyu.ni@intel.com>
Message-ID: <20171208020420.GA64189@SZX1000114654>
References: <1512613307-62879-1-git-send-email-heyi.guo@linaro.org>
 <895558F6EA4E3B41AC93A00D163B727416350E2D@SHSMSX103.ccr.corp.intel.com>
 <5b9ff1f2-d12b-9f81-555f-97fa2a2ef7b3@linaro.org>
 <895558F6EA4E3B41AC93A00D163B7274163516AB@SHSMSX103.ccr.corp.intel.com>
MIME-Version: 1.0
In-Reply-To: <895558F6EA4E3B41AC93A00D163B7274163516AB@SHSMSX103.ccr.corp.intel.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Subject: Re: [RFC] MdeModulePkg/Ip4Dxe: fix ICMP echo reply memory leak
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Dec 2017 01:59:56 -0000
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit

On Fri, Dec 08, 2017 at 12:39:30AM +0000, Wu, Jiaxin wrote:
> Hi Gary,
> 
> Agree to generate a formal patch. You can attach the reviewed-by tag at the same time.
> 
> Can you help to file one Bugzilla for this issue?

No Problem.

> 
> BTW, Do you need us commit the patch or by yourself?

Yes, for I can't commit by myself :)

Thanks and regards,

Gary (Heyi Guo)

> 
> Thanks,
> Jiaxin
> 
> > -----Original Message-----
> > From: Heyi Guo [mailto:heyi.guo@linaro.org]
> > Sent: Thursday, December 7, 2017 8:23 PM
> > To: Wu, Jiaxin <jiaxin.wu@intel.com>; linaro-uefi@lists.linaro.org; edk2-
> > devel@lists.01.org; Fu, Siyuan <siyuan.fu@intel.com>
> > Cc: Junbiao Hong <hongjunbiao@huawei.com>; Zeng, Star
> > <star.zeng@intel.com>; Dong, Eric <eric.dong@intel.com>; Ni, Ruiyu
> > <ruiyu.ni@intel.com>
> > Subject: Re: [RFC] MdeModulePkg/Ip4Dxe: fix ICMP echo reply memory leak
> > 
> > Hi Siyuan and Jiaxin,
> > 
> > Thanks for your review; shall I generate a formal patch and post it
> > again, as well as making some commit message refinement?
> > 
> > Regards,
> > 
> > 
> > Gary (Heyi Guo)
> > 
> > 
> > 在 12/7/2017 3:01 PM, Wu, Jiaxin 写道:
> > > It's is good to me.
> > >
> > > Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
> > >
> > > Thanks,
> > > Jiaxin
> > >
> > >
> > >> -----Original Message-----
> > >> From: Heyi Guo [mailto:heyi.guo@linaro.org]
> > >> Sent: Thursday, December 7, 2017 10:22 AM
> > >> To: linaro-uefi@lists.linaro.org; edk2-devel@lists.01.org
> > >> Cc: Heyi Guo <heyi.guo@linaro.org>; Junbiao Hong
> > >> <hongjunbiao@huawei.com>; Zeng, Star <star.zeng@intel.com>; Dong,
> > Eric
> > >> <eric.dong@intel.com>; Ni, Ruiyu <ruiyu.ni@intel.com>; Fu, Siyuan
> > >> <siyuan.fu@intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>
> > >> Subject: [RFC] MdeModulePkg/Ip4Dxe: fix ICMP echo reply memory leak
> > >>
> > >> When UEFI receives IPMP echo packets it will enter Ip4IcmpReplyEcho
> > >> function, and then call Ip4Output. However, if Ip4Output gets some
> > >> error and exits early, e.g. fails to find the route entry, memory
> > >> buffer of "Data" gets no chance to be freed and memory leak will be
> > >> caused. If there is such an attacker in the network, we will see UEFI
> > >> runs out of memory and system hangs.
> > >>
> > >> Network stack code is so complicated that this is just a RFC to fix
> > >> this issue. Please provide your comments about this.
> > >>
> > >> Contributed-under: TianoCore Contribution Agreement 1.1
> > >> Signed-off-by: Junbiao Hong <hongjunbiao@huawei.com>
> > >> Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
> > >> Cc: Star Zeng <star.zeng@intel.com>
> > >> Cc: Eric Dong <eric.dong@intel.com>
> > >> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
> > >> Cc: Siyuan Fu <siyuan.fu@intel.com>
> > >> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > >> ---
> > >>   MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Icmp.c | 3 +++
> > >>   1 file changed, 3 insertions(+)
> > >>
> > >> diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Icmp.c
> > >> b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Icmp.c
> > >> index b4b0864..ed6bdbe 100644
> > >> --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Icmp.c
> > >> +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Icmp.c
> > >> @@ -267,6 +267,9 @@ Ip4IcmpReplyEcho (
> > >>                Ip4SysPacketSent,
> > >>                NULL
> > >>                );
> > >> +  if (EFI_ERROR (Status)) {
> > >> +    NetbufFree (Data);
> > >> +  }
> > >>
> > >>   ON_EXIT:
> > >>     NetbufFree (Packet);
> > >> --
> > >> 2.7.4
>