From: Jiaxin Wu
To: edk2-devel@lists.01.org
Cc: Fu Siyuan, Ye Ting, Wu Jiaxin
Date: Tue, 16 Oct 2018 09:34:10 +0800
Message-Id: <20181016013410.3044-1-Jiaxin.wu@intel.com>
X-Mailer: git-send-email 2.17.1.windows.2
Subject: [Patch] NetworkPkg/IpSecDxe: Fix issue to parse SA Payload.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1251

IpSecDxe failed to create the Child SA during parsing SA Payload, the
issue was caused by the below commit:

SHA-1: 1e0db7b11987d0ec93be7dfe26102a327860fdbd
* MdeModulePkg/NetworkPkg: Checking for NULL pointer before use.

In the above commit, it changed the value of IsMatch in
Ikev2ChildSaParseSaPayload() to FALSE. That's correct but it exposed
the potential bug in to match the correct proposal Data, which will
cause the issue to happen.

Cc: Fu Siyuan
Cc: Ye Ting
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin
---
 NetworkPkg/IpSecDxe/Ikev2/Utility.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/NetworkPkg/IpSecDxe/Ikev2/Utility.c b/NetworkPkg/IpSecDxe/Ikev2/Utility.c
index 0c9c929705..d61bae8c9d 100644
--- a/NetworkPkg/IpSecDxe/Ikev2/Utility.c
+++ b/NetworkPkg/IpSecDxe/Ikev2/Utility.c
@@ -2502,15 +2502,16 @@ Ikev2ChildSaParseSaPayload ( IntegrityAlgorithm == PreferIntegrityAlgorithm && IsSupportEsn == PreferIsSupportEsn ) { IsMatch = TRUE; } else { - PreferEncryptAlgorithm = 0; - PreferIntegrityAlgorithm = 0; - IsSupportEsn = TRUE; + IntegrityAlgorithm = 0; + EncryptAlgorithm = 0; + EncryptKeylength = 0; + IsSupportEsn = FALSE; } - ProposalData = (IKEV2_PROPOSAL_DATA*)((UINT8*)(ProposalData + 1) + + ProposalData = (IKEV2_PROPOSAL_DATA*)((UINT8*)(ProposalData + 1) + ProposalData->NumTransforms * sizeof (IKEV2_TRANSFORM_DATA)); } ProposalData = (IKEV2_PROPOSAL_DATA *)((IKEV2_SA_DATA *)SaPayload->PayloadBuf + 1); if (IsMatch) { -- 2.17.1.windows.2
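Review bot: In the else branch of Ikev2ChildSaParseSaPayload(), the per-proposal values (IntegrityAlgorithm, EncryptAlgorithm, EncryptKeylength, IsSupportEsn) are cleared only after a failed comparison, so correctness depends on every rejected proposal reaching this branch. Clearing them at the top of each proposal iteration, before its transforms are parsed, would be harder to break later, and either placement deserves a one-line comment saying that values parsed from a rejected proposal must not carry over into the next comparison. The matching branch sets IsMatch = TRUE with no break in the lines shown; if the loop can keep iterating after a match, a later non-matching proposal will now zero the values that matched while IsMatch stays TRUE, so please confirm the loop stops on the first match. The advance by ProposalData->NumTransforms * sizeof (IKEV2_TRANSFORM_DATA) has no bound check in the visible context; if NumTransforms is not validated against the payload size elsewhere, that check belongs here. The final -/+ pair on the ProposalData assignment appears to differ only in whitespace and could be dropped from the patch or mentioned in the commit message, which also omits the name of the function in "exposed the potential bug in to match".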