From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 64AAB7803D0 for ; Tue, 19 Mar 2024 06:32:25 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=RKfs8yR+8M7oSSTiWtqz3ek8NWcAYPIpswCEIc3UGuM=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1710829944; v=1; b=t4/cHHZ3J5xZq25cbZJtNbKRkfaPW8LS/x3y96vIag25//ojEPk9nM89q9wwybNZa1iXQ8t9 c682sQtZswLwQzRK5sk7azgF3pShBNEm3JJ9GEX67KJ3uWsjjVKSaeE5fOLfUC+igyh/192UxIB OZpfzUZjG90RTm2d7y3CuLn1L7FauemE2E4+JXXZ7TCKO1IM2BDnpzK3zbncY/QnbG3UjpF+LBb 2XV8t63pwI17ruB/lSd4fh/1MHz4j+MOEl4EY7z3dfo3Fug6qf7l92WdcwWuyuYuqQJqO4/83MA p6TPZbX6OwxChMMF6Pl284dXLJSnHvSDGZhXhVWmy00kw== X-Received: by 127.0.0.2 with SMTP id NUz8YY7687511xTqkg1rtKGN; Mon, 18 Mar 2024 23:32:24 -0700 X-Received: from NAM04-BN8-obe.outbound.protection.outlook.com (NAM04-BN8-obe.outbound.protection.outlook.com [40.107.100.137]) by mx.groups.io with SMTP id smtpd.web11.8130.1710827063174471092 for ; Mon, 18 Mar 2024 22:44:23 -0700 X-Received: from CO1PR10MB4594.namprd10.prod.outlook.com (2603:10b6:303:9a::19) by DM4PR10MB6015.namprd10.prod.outlook.com (2603:10b6:8:ac::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7386.29; Tue, 19 Mar 2024 05:44:19 +0000 X-Received: from CO1PR10MB4594.namprd10.prod.outlook.com ([fe80::532f:a4c9:de07:4741]) by CO1PR10MB4594.namprd10.prod.outlook.com ([fe80::532f:a4c9:de07:4741%4]) with mapi id 15.20.7386.025; Tue, 19 Mar 2024 05:44:19 +0000 From: "Sountharya N via groups.io" To: "devel@edk2.groups.io" , Sountharya N CC: Srinivasan Mani , Prarthana Sagar V Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Thread-Topic: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Thread-Index: AQHaecB8Ol19uFoD80C9AwEL/RX72A== Date: Tue, 19 Mar 2024 05:44:19 +0000 Message-ID: <20240319054335.707-1-sountharyan@ami.com> Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: CO1PR10MB4594:EE_|DM4PR10MB6015:EE_ x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: qRrGWsOAfmpl48OPEvz3gCkhNjtW+H0N71QhNTHVz9VGD51ii5dqRfV1uNTqJGgEygwPgzBngjbFJw5zM9adIxw4+lwgg8MBN0Y0Vqjs/C9MGxh7yqimkcMJwR6XAIj/XThwBAZ0R/AhtXbpG/du85ZjSywXw0e8H4XxruuHqTne7QBTp7Hft5VggsrPMLmgYEg+20CToOGoccks70lou7q9rxziXxmEoy8duuasZkQuM+QfPxW7/lZcnXEIj5AX83q318xgSmDVXGgyPA3S7MSpES/Jz71zJrM8FVnRuWQMXetF9TiwM/tzNo8Zmc2EnZtR1eBCH3OVaN2O+wcIO3tkCrU7fuxPVI9HvUxAvOZG6zj0m1V6JwCytspXoNEKtQxqIYhhoPPaC+YgyVeI1mgbDGy1l09/4qBzN+5vVLX3rTFWZm7YabUcxsvV8ph9/g4OrD0yowcDPZhhNQGioNuVYY1Mib3o9BChZ+3DbNVFSpCDN+1KUeRnDGsr6+5+QbqJv8xZIQijS46R0j1ApKvd6kaDkXhLR98dbzWf36TTkHrzOXI49jz2XeAnQVxd11GwunCgmXxXJpCm7uehacKpATNQD9BFQ0mb7HXqozv91OxSVaQo/WncJnVHztr53oTGIDnwFLVGNBDND58Pz97FG8J/AgYzydax631FrLk= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?SWXAFBpnBR8V/PW5CQ+Q0xva+/eEpBkYLneDY7VjiPoCcF8xKYwsyUgDB0?= =?iso-8859-1?Q?rPZWaiHDiBSrrK1uMvS9zkT2/JPBkXuCRW1r/ZC3GKx4f47oyLFfZYNjzG?= =?iso-8859-1?Q?xBSPgQhkOUpQu9MPMMbY5nhDnw2IFQv3zMNM09//PEf4MYdWLx8lTDtqQ7?= =?iso-8859-1?Q?/rhGQEBOnHbSyoHKvFD+HTXfrVvZ9Ei2S/Ioteewy4CE4E4hd+SJtw7cK0?= =?iso-8859-1?Q?uMNKfQ/HMXxX7GG26UqdP91165OD4xhpNSETWD51y5B8j9uZym3pNyRFru?= =?iso-8859-1?Q?RqTfO/2GHQVer+NHLpfUveLO8gIbbKh2zzOEV3Ovbf7WekgZDOFm0Fijh5?= =?iso-8859-1?Q?n7CjV9334zYjLFiwB3muKUILJUQX8mlYlz7+HNrf1wW2nG8VMfmjg6bSIW?= =?iso-8859-1?Q?rWEOxSKHwsbQu4AeVEA3947EC9h0j6xLLQR3B8vtO5G4404BICyqJpLlVH?= =?iso-8859-1?Q?fpbGAecDs5wkkSpeaIGFF1tsi8+Iqnd+Rqpj8cLR0nhhLe5YvI3KFCXnjO?= =?iso-8859-1?Q?0f/poDFDYeGt18G39V7eBmaqMwtRPkg/A/8a2qoEAT3XHuTezn+IxReNiU?= =?iso-8859-1?Q?A3nWY4OlMqcQBoimmucGjKTop2fuRltJ9LZREGwefxck5P90iwxHb+hvL2?= =?iso-8859-1?Q?W/7Kp9qqQvlwzxuJTUKo2Ji5oJ/CEif87LlsykOXLuiHTENjt9NG1c0dBQ?= =?iso-8859-1?Q?PUa/rUcbP1Iw0mm01g79hfTLz4XKiOhbVcpnNVIwpl+3xYBvMwmMVVN4WF?= =?iso-8859-1?Q?oL+KxsitcIqIY2U40FWkYoS4KjOzFY1TpJrGEz5UCoEUkKUbrI8AM16Gpc?= =?iso-8859-1?Q?dari+IUcCVwYQRlw4ct16ly51kk3XN8uGXjuHFhgWm1ABPSGe4oIyQqm+n?= =?iso-8859-1?Q?2AiEEfMszUZw4z7ngwsD/7VaAoilHoFU2jabB4yv8D0pww8ecag84EfetI?= =?iso-8859-1?Q?BGOwKbz4ePWzhIGzUxlGQAuvYKqZ5gJthvLAdqNaMTCRqoQ0M8l3p72nNT?= =?iso-8859-1?Q?TdYyP8dFuETt0PoIAdJKeKSFdkpgKsc6rErR3w54k4wXo/yb4Cg/4gBJDo?= =?iso-8859-1?Q?vqn+y1UzDVhZ47fS3vCRM9raQmxlxkrmpu3hB5CooTThCobOsjHtuultZx?= =?iso-8859-1?Q?gsISXYj6/r5o9rv0TyASg/8xjHS8UFw2YjPmqhV0oqefRfk2ASoU6/IJU/?= =?iso-8859-1?Q?1FrNDplX9Efw3AWAz2NsvvAca6uFJCiD5zmuk6btVm3GCVQ5REOSnUaBnY?= =?iso-8859-1?Q?5G72Rl+kxQ/AwUVcX+/fQ9mm5u66ScJn4tyn2GEQmOFSRIhyZkwX00G4Q0?= =?iso-8859-1?Q?Si3RfsaMnQ2C9dzAav6QGsXA/6fD/sZMKi7jrQIRzZqxf5dY6vngeMsM9A?= =?iso-8859-1?Q?KcILwRlA/PL7ln7/RFQOfxQbnesmK7B6jjFPhJI19pSTnvsGktJZVCFzCE?= =?iso-8859-1?Q?6WEPBpSf6lpl/opt5buIX7hrWOCOHaia+bZLCAZRFMmY81th28f6zoiUoD?= =?iso-8859-1?Q?uKUiLk2O9R/vJFauwuhLqYPiLSx+94uUMRszq9rJI+YvPQOyj4hc//f5C1?= =?iso-8859-1?Q?1BkdKMZKvJOcDKRbmK1FU33b+dXKM3447+OueFPgZSDivbcKl5KS9c45rt?= =?iso-8859-1?Q?tP/VQHUXM+emNKNOVEGqfqTT3FjYaleH5s?= MIME-Version: 1.0 X-OriginatorOrg: ami.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO1PR10MB4594.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 874ed429-566e-4fbf-9948-08dc47d79f04 X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Mar 2024 05:44:19.1070 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 27e97857-e15f-486c-b58e-86c2b3040f93 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: d0w/EJTPpkP92TDSxuzPbASc2LJ3+/hpccSBT8ruVdWtpAXe207qABDZr4EU+ZYkA7JWpLYpDrQgGxA2NpI3xw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR10MB6015 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Mon, 18 Mar 2024 23:32:23 -0700 Reply-To: devel@edk2.groups.io,sountharyan@ami.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: FWVjyqmBaEG8xAPT7yE0jO5vx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b="t4/cHHZ3"; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Added Inf variable, and the error case returned value was checked properly. --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr= ary/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length =3D 0; Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert =3D (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCla= ss, (long)Length); + Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2 -The information contained in this message may be confidential and propriet= ary to American Megatrends (AMI). This communication is intended to be read= only by the individual or entity to whom it is addressed or by their desig= nee. If the reader of this message is not the intended recipient, you are o= n notice that any distribution of this message, in any form, is strictly pr= ohibited. Please promptly notify the sender by reply e-mail or by telephone= at 770-246-8600, and then delete or destroy all copies of the transmission= . -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116878): https://edk2.groups.io/g/devel/message/116878 Mute This Topic: https://groups.io/mt/105019593/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-