From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:400d:c0d::235; helo=mail-qt0-x235.google.com; envelope-from=rbacik@gmail.com; receiver=edk2-devel@lists.01.org Received: from mail-qt0-x235.google.com (mail-qt0-x235.google.com [IPv6:2607:f8b0:400d:c0d::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8AF8021A143EF for ; Tue, 10 Jul 2018 15:51:10 -0700 (PDT) Received: by mail-qt0-x235.google.com with SMTP id m13-v6so19853862qth.1 for ; Tue, 10 Jul 2018 15:51:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=/pUcR/Uvm0Xtk4DJ398srcukTSTiVWaOpknDks+Ib4E=; b=ZK+hUB817YE7tLGbvx+QYfsvqsbJeYaamQ+X6uoDcbH83zbsaNuC0CBt4KuSnfnqkQ txV6K0iixnAAuwaDVmTZa/oB1db0cFhc9xPorLnjLGieEksjBPEHeK3E6Tn0VBN9lJ7P 4CjqEPnN8QhMktpqHt1Y3WOfaocFpXEhdHzLToTK4v4YGoqpZBiuZs7x8gf/gNAtk8mS 3Od1ZczzJ9BCWtMe4bkYxcG4BGCAow9paBhDL6n+u3yt9Ekq6Jzo92nasuisduyz76Wm hL5IIzstPL3tOCnpvjdyUnPA6cQhcK31xxvEyQn9+ntzqUafdsDcwaJYulxM5TZ16Dir 7eQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=/pUcR/Uvm0Xtk4DJ398srcukTSTiVWaOpknDks+Ib4E=; b=Ay9QTX1BtJKI7KjpR7ImNxzBs7thKKfOWZ49zwceZSdNIhmWMtKi+VB7gGPutRPzsP ZHpiGREj0oLN7cEGMfHLHxGb1mVk9bOjtrc0Va/YZod3cz26bH1E1zSLaOwPNJ8pWFWv qUgCcJ0lD2+yR8OaB2bcSj20O3xqtbcaHy+mYx0HkIOD0U42zUsFnSO4EXEZWuACSGfs /pviIpAaxJUGosJIBUJwXPddvKa9FtnLMoWprp/7W2ZahCPvObkaw/ozL9Hr5bMpjRGb Bd6S3Ol/f568YNP+a/YTags+0ErMPP9DOMBwV1OS+H+14nib/9j4kWGVrphouGrOfLS7 uG7Q== X-Gm-Message-State: APt69E1yNAPUQErMqgd2WbfYc/+rwSsqUpU+nh9aS5DLBqUgSexHhezh oYMlRx3NREW1MLDGvTx6Jn1BduaMGBI= X-Google-Smtp-Source: AAOMgpeR+U2a/9YAAV2LlbD+81kacLe27IWMeTiW7phKSafoDgkyDT8Imf+VPjx2qkqioNqKFxNq2w== X-Received: by 2002:aed:2496:: with SMTP id t22-v6mr24810177qtc.44.1531263069253; Tue, 10 Jul 2018 15:51:09 -0700 (PDT) Received: from lbrmn-lnxub138.ric.broadcom.com ([192.19.228.250]) by smtp.gmail.com with ESMTPSA id i22-v6sm15472112qtc.8.2018.07.10.15.51.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Jul 2018 15:51:08 -0700 (PDT) From: rbacik@gmail.com X-Google-Original-From: roman.bacik@broadcom.com To: edk2-devel@lists.01.org Cc: Chao Zhang , Jiewen Yao , Laszlo Ersek , Vladimir Olovyannikov Date: Tue, 10 Jul 2018 15:51:05 -0700 Message-Id: <20180710225105.28443-1-roman.bacik@broadcom.com> X-Mailer: git-send-email 2.17.1 Subject: [PATCH v2] SecurityPkg: Fix assert when setting key from eMMC/SD/USB X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jul 2018 22:51:10 -0000 From: Roman Bacik When secure boot is enabled, if one loads keys from a FAT formatted eMMC/SD/USB when trying to provision PK/KEK/DB keys via the menu, an assert in StrLen() occurs. This is because the filename starts on odd address, which is not a uint16 aligned boundary: https://bugzilla.tianocore.org/show_bug.cgi?id=1003 Cc: Chao Zhang Cc: Jiewen Yao Cc: Laszlo Ersek Cc: Vladimir Olovyannikov Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Roman Bacik --- SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c index 1b6f88804275..19b13a5569a6 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c @@ -123,6 +123,8 @@ OpenFileByDevicePath( EFI_FILE_PROTOCOL *Handle1; EFI_FILE_PROTOCOL *Handle2; EFI_HANDLE DeviceHandle; + CHAR16 *PathName; + UINTN PathLength; if ((FilePath == NULL || FileHandle == NULL)) { return EFI_INVALID_PARAMETER; @@ -173,6 +175,11 @@ OpenFileByDevicePath( // Handle2 = Handle1; Handle1 = NULL; + PathLength = DevicePathNodeLength(*FilePath) - sizeof(EFI_DEVICE_PATH_PROTOCOL); + PathName = AllocateCopyPool(PathLength, ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName); + if (PathName == NULL) { + return EFI_OUT_OF_RESOURCES; + } // // Try to test opening an existing file @@ -180,7 +187,7 @@ OpenFileByDevicePath( Status = Handle2->Open ( Handle2, &Handle1, - ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName, + PathName, OpenMode &~EFI_FILE_MODE_CREATE, 0 ); @@ -192,7 +199,7 @@ OpenFileByDevicePath( Status = Handle2->Open ( Handle2, &Handle1, - ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName, + PathName, OpenMode, Attributes ); @@ -202,6 +209,8 @@ OpenFileByDevicePath( // Handle2->Close (Handle2); + FreePool (PathName); + if (EFI_ERROR(Status)) { return (Status); } -- 2.17.1