[PATCH v2 00/12] Enable New CodeQL Queries

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Bob Feng <bob.c.feng@intel.com>, Dandan Bi <dandan.bi@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Erich McMillan <emcmillan@microsoft.com>,
	Guomin Jiang <guomin.jiang@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Jiaxin Wu <jiaxin.wu@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Maciej Rabeda <maciej.rabeda@linux.intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Rahul Kumar <rahul1.kumar@intel.com>, Ray Ni <ray.ni@intel.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Siyuan Fu <siyuan.fu@intel.com>, Star Zeng <star.zeng@intel.com>,
	Xiaoyu Lu <xiaoyu1.lu@intel.com>,
	Yuwei Chen <yuwei.chen@intel.com>,
	Zhichao Gao <zhichao.gao@intel.com>,
	Zhiguang Liu <zhiguang.liu@intel.com>
Subject: [PATCH v2 00/12] Enable New CodeQL Queries
Date: Tue, 29 Nov 2022 12:32:34 -0500	[thread overview]
Message-ID: <20221129173246.2182-1-mikuback@linux.microsoft.com> (raw)

From: Michael Kubacki <michael.kubacki@microsoft.com>

Adds queries for the following:

1. cpp/conditionallyuninitializedvariable
2. cpp/pointer-overflow-check
3. cpp/overrunning-write
4. cpp/overrunning-write-with-float
5. cpp/very-likely-overrunning-write

These check for vulnerabilities with the following CWEs:

  - https://cwe.mitre.org/data/definitions/120.html
  - https://cwe.mitre.org/data/definitions/457.html
  - https://cwe.mitre.org/data/definitions/676.html
  - https://cwe.mitre.org/data/definitions/758.html
  - https://cwe.mitre.org/data/definitions/787.html
  - https://cwe.mitre.org/data/definitions/805.html

The first part of this patch series contains fixes for CodeQL alerts
across various packages that are produced by the new queries being
enabled.

The second part updates the CodeQL queries.

V2 series changes:

1. MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c
   - Applied SafeUintnAdd() to both variables in the comparison
     in ParseAndAddExistingSmbiosTable()

    Addresses feedback from: Mike Kinney

2. CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
   - Changes:

     if (!(Inf & 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {

     To:

     if (!(Inf & 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {

    Addresses feedback from: Mike Kinney

3. MdePkg/Library/BaseLib/String.c
   - Removes: #include <Uefi/UefiBaseType.h>
   - Changes conditional style in changes to if statement from
     ternary for changes made throughout the file
   - Updates commit message to describe change in return value

   Addresses feedback from: Mike Kinney

4. NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c
   - Changes:

     if (!EFI_ERROR (Status) && (Data > HTTP_URI_PORT_MAX_NUM)) {
       Status = EFI_INVALID_PARAMETER;
       goto ON_EXIT;
     }

     To:

     if (EFI_ERROR (Status) || (Data > HTTP_URI_PORT_MAX_NUM)) {
       Status = EFI_INVALID_PARAMETER;
       goto ON_EXIT;
     }

   Addresses feedback from: Mike Kinney

5. ShellPkg/Application/Shell/Shell.c
   - Initializes CalleeStatus to EFI_SUCCESS in DoStartupScript()
   - Restores original if statement logic in DoStartupScript()

   Addresses feedback from: Zhichao Gao

6. ShellPkg/Application/Shell/ShellProtocol.c
   - Adds additional check for return value from
     PARSE_HANDLE_DATABASE_UEFI_DRIVERS() in EfiShellGetDeviceName()

   Addresses feedback from: Zhichao Gao

7. Includes up-to-date R-b tags

---

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>

Erich McMillan (1):
  MdeModulePkg/SmbiosDxe: Fix pointer and buffer overflow CodeQL alerts

Michael Kubacki (11):
  BaseTools/PatchCheck.py: Add PCCTS to tab exemption list
  BaseTools/VfrCompile: Fix potential buffer overwrites
  CryptoPkg: Fix conditionally uninitialized variable
  MdeModulePkg: Fix conditionally uninitialized variables
  MdePkg: Fix conditionally uninitialized variables
  NetworkPkg: Fix conditionally uninitialized variables
  PcAtChipsetPkg: Fix conditionally uninitialized variables
  ShellPkg: Fix conditionally uninitialized variables
  UefiCpuPkg: Fix conditionally uninitialized variables
  .github/codeql/edk2.qls: Enable CWE 457, 676, and 758 queries
  .github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries

 BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c               | 10 ++--
 BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c              |  4 +-
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c                 | 21 ++++---
 MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c                        |  5 +-
 MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c                           | 24 +++++---
 MdeModulePkg/Core/Dxe/Mem/Page.c                              | 17 +++---
 MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c | 25 ++++----
 MdeModulePkg/Library/FileExplorerLib/FileExplorer.c           |  5 +-
 MdeModulePkg/Universal/BdsDxe/BdsEntry.c                      | 33 ++++++-----
 MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c      | 11 ++--
 MdeModulePkg/Universal/HiiDatabaseDxe/Font.c                  | 14 +++--
 MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c                  | 11 +++-
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c         |  2 +-
 MdePkg/Library/BaseLib/String.c                               | 40 ++++++++++---
 NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c                    |  2 +-
 NetworkPkg/TcpDxe/TcpInput.c                                  |  3 +
 PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c            |  9 ++-
 ShellPkg/Application/Shell/Shell.c                            |  1 +
 ShellPkg/Application/Shell/ShellProtocol.c                    | 60 ++++++++++----------
 ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c    | 56 +++++++++---------
 ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c            | 18 +++---
 ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c   |  9 ++-
 ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c        | 14 +++--
 ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c     | 17 ++++--
 ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c        | 21 +++----
 UefiCpuPkg/CpuMpPei/CpuBist.c                                 |  8 ++-
 UefiCpuPkg/CpuMpPei/CpuMpPei.c                                |  8 ++-
 UefiCpuPkg/CpuMpPei/CpuPaging.c                               |  9 ++-
 .github/codeql/edk2.qls                                       | 10 ++++
 BaseTools/Scripts/PatchCheck.py                               |  4 +-
 MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf                |  1 +
 31 files changed, 292 insertions(+), 180 deletions(-)

-- 
2.28.0.windows.1

next             reply	other threads:[~2022-11-29 17:33 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-29 17:32 Michael Kubacki [this message]
2022-11-29 17:32 ` [PATCH v2 01/12] MdeModulePkg/SmbiosDxe: Fix pointer and buffer overflow CodeQL alerts Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 02/12] BaseTools/PatchCheck.py: Add PCCTS to tab exemption list Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 03/12] BaseTools/VfrCompile: Fix potential buffer overwrites Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 04/12] CryptoPkg: Fix conditionally uninitialized variable Michael Kubacki
2022-12-01  8:28   ` Yao, Jiewen
2022-11-29 17:32 ` [PATCH v2 05/12] MdeModulePkg: Fix conditionally uninitialized variables Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 06/12] MdePkg: " Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 07/12] NetworkPkg: " Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 08/12] PcAtChipsetPkg: " Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 09/12] ShellPkg: " Michael Kubacki
2022-11-30  6:55   ` Gao, Zhichao
2022-11-29 17:32 ` [PATCH v2 10/12] UefiCpuPkg: " Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 11/12] .github/codeql/edk2.qls: Enable CWE 457, 676, and 758 queries Michael Kubacki
2022-11-29 17:32 ` [PATCH v2 12/12] .github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries Michael Kubacki

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221129173246.2182-1-mikuback@linux.microsoft.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox