From: "Sountharya N via groups.io"
To: "devel@edk2.groups.io", Sountharya N
CC: Prarthana Sagar V, Gayathri Thunuguntla, Srinivasan Mani, "yi1.li@intel.com"
Subject: [edk2-devel] [PATCH] CryptoPkg: Check ASN1_get_object() return value
Date: Fri, 17 May 2024 10:37:00 +0000
Message-ID: <20240517103651.1096-1-sountharyan@ami.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509

ASN1_get_object() returns (0x80) in error case and it is compared with (0x00). If ASN1_get_object() returns 0x80 it should return FALSE, but here it is compared with (0x00) and if it returns 0x80 it is coming out of the condition and makes the function TRUE.

Cc: Sountharya N
Cc: Prarthana Sagar V
Cc: Gayathri Thunuguntla
Cc: Srinivasan Mani
Cc: Yi Li
Signed-off-by: Sountharya N
--- ...e-check-ASN1_get_object-return-value.patch | 47 +++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 0001-Add-variable-check-ASN1_get_object-return-value.pa= tch diff --git a/0001-Add-variable-check-ASN1_get_object-return-value.patch b/0= 001-Add-variable-check-ASN1_get_object-return-value.patch new file mode 100644 index 0000000000..3bd7f69ab2 --- /dev/null +++ b/0001-Add-variable-check-ASN1_get_object-return-value.patch 
@@ -0,0 +1,47 @@ +grom 4bffb95cc9f16f1ee25155b0dde9e7dc7288134a Mon Sep 17 00:00:00 2001 +From: Sountharya N +Date: Fri, 17 May 2024 15:30:51 +0530 +Subject: [PATCH] Add variable&check ASN1_get_object() return value +To: sountharyan@ami.com + +REF: "https://bugzilla.tianocore.org/show_bug.cgi?id=3D4509" + +ASN1_get_object() returns (0x80) in error case and it is compared with (0x= 00). If ASN1_get_object() returns 0x80 it should returns FALSE, but here it= is compared with (0x00) and if it returns 0x80 it is coming out of the con= dition and makes the function TRUE. + +Cc: Sountharya N + +Cc: Shenba + +Signed-off-by: Sountharya N +--- + CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Lib= rary/BaseCryptLib/Pk/CryptX509.c +index 1182323b63..021cc328f8 100644 +--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c ++++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +@@ -839,17 +839,17 @@ X509GetTBSCert ( + Length =3D 0; + Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (i= nt *)&ObjClass, (long)CertSize); + +- if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { ++ if (((Inf & 0x80) =3D=3D 0x80) || (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + return FALSE; + } + + *TBSCert =3D (UINT8 *)Temp; + +- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCl= ass, (long)Length); ++ Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int = *)&ObjClass, (long)Length); + // + // Verify the parsed TBSCertificate is one correct SEQUENCE data. + // +- if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { ++ if (((Inf & 0x80) =3D=3D 0x80) || (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + return FALSE; + } + +-- +2.35.1.windows.2 + -- 2.35.1.windows.2 -The information contained in this message may be confidential and propriet= ary to American Megatrends (AMI). 
View/Reply Online (#119053): https://edk2.groups.io/g/devel/message/119053
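Review bot: The diff only creates a new top-level file, 0001-Add-variable-check-ASN1_get_object-return-value.patch (new file mode 100644, @@ -0,0 +1,47 @@), so applying it leaves CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c untouched and X509GetTBSCert() keeps its old checks. The first line of the embedded file also reads "grom 4bffb95c..." where a format-patch file has "From", and its Cc list differs from the one in the cover text. Please resend with the CryptX509.c change as the commit content itself rather than as an added .patch file.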
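Review bot: In the X509GetTBSCert hunk, "*TBSCert = (UINT8 *)Temp;" still executes before the result of the second ASN1_get_object() call is checked, so the caller's output pointer is overwritten even on the path that then returns FALSE. Consider holding Temp in a local and assigning *TBSCert only after the second check passes. The two condition changes to "((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)" and the added "Inf =" on the second call are the right direction, since the old second check tested the Inf left over from the first call. The embedded subject says "Add variable&check", but no variable is added here (Inf is already assigned in the unchanged context line), so the subject should be reworded to match what the hunk does.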