From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169])
 by mx.groups.io with SMTP id smtpd.web11.1101.1687984444454786484
 for <devel@edk2.groups.io>;
 Wed, 28 Jun 2023 13:34:04 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20221208 header.b=QYyIO0qh;
 spf=pass (domain: gmail.com, ip: 209.85.210.169, mailfrom: kuqin12@gmail.com)
Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-666ecb21f86so162290b3a.3
        for <devel@edk2.groups.io>; Wed, 28 Jun 2023 13:34:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20221208; t=1687984444; x=1690576444;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=dW6oYUYgBweJ/iDULIb+izJE1cnpatoknYOr6zisVK0=;
        b=QYyIO0qhryxECaDHqk0VGdUUTnEAWcy4vzkV/rzAcIOioHCJv2KsgowWPhsQo7jaoL
         jodiLcxj9UrX+bB8gund9sqZr4VggLMDdJEoK6eR2Uu5ToX1w8JCD35uWgF/R4b9HQwy
         mHDUTMa94WLSFCsJRTfHJCRMdTjQb7kuLXV3Rw5h1LvtKBagVFFAzT3CC6g2Vq0MaZUF
         jRaXWV3SjbkIR8TFRCr+yNYVsNPnP02F5nePL6UFJ7JYkWtR++L8axErgHRwXrAs4AoF
         W++VLdoeEtFHPoB/1OCnN1FVvXfXFM6E3ed262UI07NTsn5iS+YcvqhhWs+fhmG351Vg
         L3Sg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1687984444; x=1690576444;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=dW6oYUYgBweJ/iDULIb+izJE1cnpatoknYOr6zisVK0=;
        b=hu4VFJjs5uRWTSc67+UxXnCgUhGY7TczYjlNA+A/gwQibxQpInbx897ycKXFr4Y6B/
         trZYNFX2QRtmfrPvePHiVhOvXz2Ksf8PvuZOvC4jHMfxJQ9SKpjVQvJ3knW7jtCwQSbU
         +yQtkLYVyhUp72XMOjcSJndFv5SD4NOJDGFFHGo73YKGCBFOFk1R+LUsuiy8HkccK5Z1
         vPPuYyuzixuhAwy74ej5lhUHJWGpwuzQwLf4mq0JSP8IW5KIgbPwDm6puog1ntiM88az
         eEv02bovEuUcy7sZ1QtHTNJH/Fpprqid0NO8MeUD/pouSF9hijTYlZtPtJQd1cCHLn/A
         0u2Q==
X-Gm-Message-State: AC+VfDwSF4+wJ1kZNcboT23ct8NbEvkb1aeXdkBYHZQ1qLg+Itu1+5IB
	1wEQuwvMzuG8gNc5cetc1pIwZvu8q2A=
X-Google-Smtp-Source: ACHHUZ7muy5aRMaLiAt71zODe1xAP2WJDNRcNJRVfaddGPIEVF8UTeL98h2o9ZK8gkJeNQlbpMyWqQ==
X-Received: by 2002:a05:6a21:339a:b0:122:450b:48aa with SMTP id yy26-20020a056a21339a00b00122450b48aamr27688145pzb.21.1687984443760;
        Wed, 28 Jun 2023 13:34:03 -0700 (PDT)
Return-Path: <kuqin12@gmail.com>
Received: from MININT-0U7P5GU.redmond.corp.microsoft.com ([2001:4898:80e8:36:c4fd:c6b3:a2ad:4140])
        by smtp.gmail.com with ESMTPSA id x19-20020aa793b3000000b0064d681c753csm6064157pff.40.2023.06.28.13.34.03
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 28 Jun 2023 13:34:03 -0700 (PDT)
From: "Kun Qin" <kuqin12@gmail.com>
To: devel@edk2.groups.io
Cc: Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Sami Mujawar <Sami.Mujawar@arm.com>,
	Pierre Gondois <pierre.gondois@arm.com>
Subject: [PATCH v1 2/2] SecurityPkg: RngDxe: Fixing mAvailableAlgoArray allocator
Date: Wed, 28 Jun 2023 13:33:56 -0700
Message-ID: <20230628203357.2001-3-kuqin12@gmail.com>
X-Mailer: git-send-email 2.41.0.windows.1
In-Reply-To: <20230628203357.2001-1-kuqin12@gmail.com>
References: <20230628203357.2001-1-kuqin12@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

From: Kun Qin <kuqin@microsoft.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4491

mAvailableAlgoArray is currently allocated for "RNG_AVAILABLE_ALGO_MAX"
number of bytes, whereas it was dereferenced as "EFI_RNG_ALGORITHM".

This change fixed the buffer allocation logic by allocating a proper size
of buffer before referencing.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Sami Mujawar <Sami.Mujawar@arm.com>
Cc: Pierre Gondois <pierre.gondois@arm.com>

Signed-off-by: Kun Qin <kuqin@microsoft.com>
---
 SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c | 2 +-
 SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c=
 b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c
index de279cdadeea..1d412ecff61d 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c
@@ -33,7 +33,7 @@ GetAvailableAlgorithms (
   UINT16  MinorRevision;=0D
 =0D
   // Rng algorithms 2 times, one for the allocation, one to populate.=0D
-  mAvailableAlgoArray =3D AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX);=0D
+  mAvailableAlgoArray =3D AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX * sizeo=
f (EFI_RNG_ALGORITHM));=0D
   if (mAvailableAlgoArray =3D=3D NULL) {=0D
     return EFI_OUT_OF_RESOURCES;=0D
   }=0D
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c b/Secur=
ityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c
index 4b24f5c4a69b..5e621df601fb 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c
@@ -32,7 +32,7 @@ GetAvailableAlgorithms (
   UINT16  MinorRevision;=0D
 =0D
   // Rng algorithms 2 times, one for the allocation, one to populate.=0D
-  mAvailableAlgoArray =3D AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX);=0D
+  mAvailableAlgoArray =3D AllocateZeroPool (RNG_AVAILABLE_ALGO_MAX * sizeo=
f (EFI_RNG_ALGORITHM));=0D
   if (mAvailableAlgoArray =3D=3D NULL) {=0D
     return EFI_OUT_OF_RESOURCES;=0D
   }=0D
--=20
2.41.0.windows.1