* [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. @ 2024-03-19 5:44 Sountharya N via groups.io 2024-03-28 1:46 ` Li, Yi 0 siblings, 1 reply; 5+ messages in thread From: Sountharya N via groups.io @ 2024-03-19 5:44 UTC (permalink / raw) To: devel@edk2.groups.io, Sountharya N; +Cc: Srinivasan Mani, Prarthana Sagar V Added Inf variable, and the error case returned value was checked properly. --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length = 0; Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert = (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); + Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116878): https://edk2.groups.io/g/devel/message/116878 Mute This Topic: https://groups.io/mt/105019593/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. 2024-03-19 5:44 [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c Sountharya N via groups.io @ 2024-03-28 1:46 ` Li, Yi 2024-04-01 11:23 ` Sountharya N via groups.io 0 siblings, 1 reply; 5+ messages in thread From: Li, Yi @ 2024-03-28 1:46 UTC (permalink / raw) To: devel@edk2.groups.io, sountharyan@ami.com Cc: MANI, SRINIVASAN, Prarthana Sagar V, Yao, Jiewen, Hou, Wenxing Hi, Please follow the correct upstream process to avoid Github CI errors. https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow You are missing your Sign-off and Cc maintainers in this patch, And please add BZ link to commit message: ''REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509''. For your code change, '''ASN1_get_object() return error''' or ''''''ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE ''' both need to be treated as errors and returned. So you should use logic or instead of and. Before you send V2 patch, please create a PR in EDK2 github to test CI: https://github.com/tianocore/edk2/pulls Regards, Yi -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Sountharya N via groups.io Sent: Tuesday, March 19, 2024 1:44 PM To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com> Cc: MANI, SRINIVASAN <Srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com> Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Added Inf variable, and the error case returned value was checked properly. --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length = 0; Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert = (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); + Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117189): https://edk2.groups.io/g/devel/message/117189 Mute This Topic: https://groups.io/mt/105019593/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. 2024-03-28 1:46 ` Li, Yi @ 2024-04-01 11:23 ` Sountharya N via groups.io 2024-04-02 1:11 ` Li, Yi 0 siblings, 1 reply; 5+ messages in thread From: Sountharya N via groups.io @ 2024-04-01 11:23 UTC (permalink / raw) To: Li, Yi1, devel@edk2.groups.io Cc: Srinivasan Mani, Prarthana Sagar V, Yao, Jiewen, Hou, Wenxing Hi Yi, As you suggested, modified the changes and gave PR. Here I have attached the Link for reference. https://github.com/tianocore/edk2/pull/5507 Thanks, Sountharya -----Original Message----- From: Li, Yi1 <yi1.li@intel.com> Sent: Thursday, March 28, 2024 7:17 AM To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com> Cc: Srinivasan Mani <srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com>; Yao, Jiewen <jiewen.yao@intel.com>; Hou, Wenxing <wenxing.hou@intel.com> Subject: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. **CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance.** Hi, Please follow the correct upstream process to avoid Github CI errors. https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow You are missing your Sign-off and Cc maintainers in this patch, And please add BZ link to commit message: ''REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509''. For your code change, '''ASN1_get_object() return error''' or ''''''ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE ''' both need to be treated as errors and returned. So you should use logic or instead of and. Before you send V2 patch, please create a PR in EDK2 github to test CI: https://github.com/tianocore/edk2/pulls Regards, Yi -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Sountharya N via groups.io Sent: Tuesday, March 19, 2024 1:44 PM To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com> Cc: MANI, SRINIVASAN <Srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com> Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Added Inf variable, and the error case returned value was checked properly. --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length = 0; Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert = (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); + Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117317): https://edk2.groups.io/g/devel/message/117317 Mute This Topic: https://groups.io/mt/105019593/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. 2024-04-01 11:23 ` Sountharya N via groups.io @ 2024-04-02 1:11 ` Li, Yi 2024-04-10 11:36 ` Sountharya N via groups.io 0 siblings, 1 reply; 5+ messages in thread From: Li, Yi @ 2024-04-02 1:11 UTC (permalink / raw) To: Sountharya N, devel@edk2.groups.io Cc: MANI, SRINIVASAN, Prarthana Sagar V, Yao, Jiewen, Hou, Wenxing Hi, Please remove 'Reviewed-by: @yi1.li@intel.com' and send V2 patch to devel@edk2.groups.io by send-email. Generate V2 patch: Add '--subject-prefix="PATCH V2" ' when you format patch: git format-patch --subject-prefix="PATCH V2" ... The content of patch looks good to me, will give you my Reviewed-by and push it after receiving your V2 patch. Thanks, Yi -----Original Message----- From: Sountharya N <sountharyan@ami.com> Sent: Monday, April 1, 2024 7:23 PM To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io Cc: MANI, SRINIVASAN <Srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com>; Yao, Jiewen <jiewen.yao@intel.com>; Hou, Wenxing <wenxing.hou@intel.com> Subject: RE: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Hi Yi, As you suggested, modified the changes and gave PR. Here I have attached the Link for reference. https://github.com/tianocore/edk2/pull/5507 Thanks, Sountharya -----Original Message----- From: Li, Yi1 <yi1.li@intel.com> Sent: Thursday, March 28, 2024 7:17 AM To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com> Cc: Srinivasan Mani <srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com>; Yao, Jiewen <jiewen.yao@intel.com>; Hou, Wenxing <wenxing.hou@intel.com> Subject: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. **CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance.** Hi, Please follow the correct upstream process to avoid Github CI errors. https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow You are missing your Sign-off and Cc maintainers in this patch, And please add BZ link to commit message: ''REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509''. For your code change, '''ASN1_get_object() return error''' or ''''''ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE ''' both need to be treated as errors and returned. So you should use logic or instead of and. Before you send V2 patch, please create a PR in EDK2 github to test CI: https://github.com/tianocore/edk2/pulls Regards, Yi -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Sountharya N via groups.io Sent: Tuesday, March 19, 2024 1:44 PM To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com> Cc: MANI, SRINIVASAN <Srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com> Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Added Inf variable, and the error case returned value was checked properly. --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length = 0; Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert = (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); + Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117301): https://edk2.groups.io/g/devel/message/117301 Mute This Topic: https://groups.io/mt/105019593/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. 2024-04-02 1:11 ` Li, Yi @ 2024-04-10 11:36 ` Sountharya N via groups.io 0 siblings, 0 replies; 5+ messages in thread From: Sountharya N via groups.io @ 2024-04-10 11:36 UTC (permalink / raw) To: Li, Yi1, devel@edk2.groups.io Cc: Srinivasan Mani, Prarthana Sagar V, Yao, Jiewen, Hou, Wenxing Hi Yi, I Removed 'Reviewed-by: @yi1.li@intel.com' and Sent V2 patch to devel@edk2.groups.io. Thanks, Sountharya -----Original Message----- From: Li, Yi1 <yi1.li@intel.com> Sent: Tuesday, April 2, 2024 6:42 AM To: Sountharya N <sountharyan@ami.com>; devel@edk2.groups.io Cc: Srinivasan Mani <srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com>; Yao, Jiewen <jiewen.yao@intel.com>; Hou, Wenxing <wenxing.hou@intel.com> Subject: RE: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Hi, Please remove 'Reviewed-by: @yi1.li@intel.com' and send V2 patch to devel@edk2.groups.io by send-email. Generate V2 patch: Add '--subject-prefix="PATCH V2" ' when you format patch: git format-patch --subject-prefix="PATCH V2" ... The content of patch looks good to me, will give you my Reviewed-by and push it after receiving your V2 patch. Thanks, Yi -----Original Message----- From: Sountharya N <sountharyan@ami.com> Sent: Monday, April 1, 2024 7:23 PM To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io Cc: MANI, SRINIVASAN <Srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com>; Yao, Jiewen <jiewen.yao@intel.com>; Hou, Wenxing <wenxing.hou@intel.com> Subject: RE: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Hi Yi, As you suggested, modified the changes and gave PR. Here I have attached the Link for reference. https://github.com/tianocore/edk2/pull/5507 Thanks, Sountharya -----Original Message----- From: Li, Yi1 <yi1.li@intel.com> Sent: Thursday, March 28, 2024 7:17 AM To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com> Cc: Srinivasan Mani <srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com>; Yao, Jiewen <jiewen.yao@intel.com>; Hou, Wenxing <wenxing.hou@intel.com> Subject: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. **CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance.** Hi, Please follow the correct upstream process to avoid Github CI errors. https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow You are missing your Sign-off and Cc maintainers in this patch, And please add BZ link to commit message: ''REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509''. For your code change, '''ASN1_get_object() return error''' or ''''''ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE ''' both need to be treated as errors and returned. So you should use logic or instead of and. Before you send V2 patch, please create a PR in EDK2 github to test CI: https://github.com/tianocore/edk2/pulls Regards, Yi -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Sountharya N via groups.io Sent: Tuesday, March 19, 2024 1:44 PM To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com> Cc: MANI, SRINIVASAN <Srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@ami.com> Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c. Added Inf variable, and the error case returned value was checked properly. --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length = 0; Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert = (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); + Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117586): https://edk2.groups.io/g/devel/message/117586 Mute This Topic: https://groups.io/mt/105019593/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2024-04-10 13:30 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2024-03-19 5:44 [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c Sountharya N via groups.io 2024-03-28 1:46 ` Li, Yi 2024-04-01 11:23 ` Sountharya N via groups.io 2024-04-02 1:11 ` Li, Yi 2024-04-10 11:36 ` Sountharya N via groups.io
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox