From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 4265BD80127 for ; Fri, 17 May 2024 17:55:14 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=YAF8w2qkPh7kR5vbC8BGqaXDE8sq/r3gIyBzlr29ifY=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1715968512; v=1; b=ti0lT70rGWsTywxNsRGWB5nDJ+4GrwZ56qnnbEtGHALQ2ZS3yu6tQb0belMeoU/c26O9El8i dsc+CjQa19FH3Ktu8cOB4nUKBeJUpG8zK4jUp52pYGohKy/wpyZGMVPkVdn325kevgQj3jupuSs r/3zkZgXGfJjgswQ59bKwi4dJbds6jUVpJl6pFg75ZgFbDHMsvZpJoS86btDac3weZamA8o0x9x FlpfIQNaOazk/g+e4fb6tfhmlEMgUlgPApqEVSgSoCMCkDACrA0IVq9A0+FICTiIiUjIjSWJeAs A1kqK1+o8fk5PD18PXEoOrDcrNPoidS8DLkLi39WzuHkw== X-Received: by 127.0.0.2 with SMTP id perkYY7687511xCdZe3mdSxG; Fri, 17 May 2024 10:55:12 -0700 X-Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.93]) by mx.groups.io with SMTP id smtpd.web10.37990.1715946474463195773 for ; Fri, 17 May 2024 04:47:54 -0700 X-Received: from CO1PR10MB4594.namprd10.prod.outlook.com (2603:10b6:303:9a::19) by MN2PR10MB4191.namprd10.prod.outlook.com (2603:10b6:208:1d1::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7587.30; Fri, 17 May 2024 11:47:50 +0000 X-Received: from CO1PR10MB4594.namprd10.prod.outlook.com ([fe80::9234:7e3f:da96:59eb]) by CO1PR10MB4594.namprd10.prod.outlook.com ([fe80::9234:7e3f:da96:59eb%6]) with mapi id 15.20.7587.028; Fri, 17 May 2024 11:47:50 +0000 From: "Sountharya N via groups.io" To: "devel@edk2.groups.io" , Sountharya N CC: Prarthana Sagar V , Gayathri Thunuguntla , Srinivasan Mani , "yi1.li@intel.com" Subject: [edk2-devel] [PATCH] CryptoPkg: Check ASN1_get_object() return value Thread-Topic: [PATCH] CryptoPkg: Check ASN1_get_object() return value Thread-Index: AQHaqFAL0cGNZ0X5uU+IxpcVYA8bcQ== Date: Fri, 17 May 2024 11:47:50 +0000 Message-ID: <20240517114739.647-1-sountharyan@ami.com> Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: CO1PR10MB4594:EE_|MN2PR10MB4191:EE_ x-ms-office365-filtering-correlation-id: 37480ca6-57c3-487e-85a6-08dc76672dfc x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: =?iso-8859-1?Q?vb7rcM5pbluQmw+80dc7oMWy9NDOvIhKy6w/iRY+0QGclVjy2pg2k1WUky?= =?iso-8859-1?Q?IyjgiFVs+leIrzi95Cb3xsD8MotF6N2HHe2suFv8tOcVIU/islP3bIa24f?= =?iso-8859-1?Q?0e+G6bJZI/D6YPIW5NcYNfneedqvcVuwarL7UKvV+Uq61RHVmr9yVAyotw?= =?iso-8859-1?Q?YumYV+lRaAx25pMlKzDZfFZyNBGMgKCed5wrbNaAIXp9WA/yA+RplTGCrc?= =?iso-8859-1?Q?urE7lDaPbBT0OuItkk4tNQZETn2gA5qlpEkZqftWCrqYubkbQbfnpg+lkT?= =?iso-8859-1?Q?FQ/FU4io0GwJPxyHxiNsQmKhIKzliRBUzsxghsEQDa8/zc7zNNbISyW/s6?= =?iso-8859-1?Q?EXUwoB1KeFUY3e/T5z8UwSbCQ+GHt6mNpyb2pokH2mZITdOdf1BpCz3kgx?= =?iso-8859-1?Q?19B5Dtl1y39XYZMi2yZjRD9sBXLDuDkwYOEUq/vyU8gGiG6u5DysnDBnJN?= =?iso-8859-1?Q?F3JVxjxibgFrejfSVj1i5DzLFdbmkoIaMEEKdRZvxlTh10YAKIvEHmjxS5?= =?iso-8859-1?Q?BjgYpnCYGNLE6oWxKR8NvSYvnZDxRpnYev+l6GXwO8zTckjr8ZJS2bheuq?= =?iso-8859-1?Q?26qYaefzMQfoSYdG5ZaeFWvFlr9VHIbr017z+MoKbiuBFoQFoJy/uYlMqI?= =?iso-8859-1?Q?Hs9+yLAUuJ2oiGKg/WRKyyQS2XobP5zeBg2mJjzM28KRagsCtN/EjDRpEI?= =?iso-8859-1?Q?jac82vkRinAFS1DFuZiQmUzymKt+yVxUF5D+hqKTGlcW62lXltS15D6FWr?= =?iso-8859-1?Q?+0BeqGGYu62NMOWRe65o1sXAXAInf044jlfPF4n/hEJK9S0SIB1gqthErf?= =?iso-8859-1?Q?5m13zYy7ivXdcQ9jj15Ln6yZDlQNVEAuQNpyrpijJqXOjPSGRpf/cYnBIC?= =?iso-8859-1?Q?FVwVkLjLqmAHHusf53IDtQcn2g2ALg1FBpZKBWUgbIIRnbOpURAk6Muj9w?= =?iso-8859-1?Q?ZcFp5ILexnZS/eLVfKHIu8a1AA5CR1WXJwaKlz+FhQLTf1SKa2BuxREPKT?= =?iso-8859-1?Q?cF38QAGqTjHND0Lu5MHgjBb+2+pYjtc+EwMONZ7lGeR8DgpIlvzVuJN+KA?= =?iso-8859-1?Q?XiKLP/ZKHSnJjL0VMoT0T5kow0CQtQFv062MNq/RTiWfq+lnq/KwQwGwt5?= =?iso-8859-1?Q?boxQxEg1zDM+x/nmutKIKiML7nklmnePh+2gHQmIKxEvXk3cUbKZgoIwvr?= =?iso-8859-1?Q?7EXpAaYCBDVNlBaOzgzPIoWnfqMByhc+2Emjyuz8mB1BF3vltSUdfEEGRg?= =?iso-8859-1?Q?iATw+KhkvEBr+MEqcC16H33KSHTP9+UiFEBNwe5EXJWlaSDTSW2Oo7nR8C?= =?iso-8859-1?Q?1q4rSxTXclAKzNPuhbxCV5nr2g=3D=3D?= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?sREnYG+rMjqGHm4bLSWNRojkZMWV14H3ZUGFTdMATqRdHTQP/sS88/iNfI?= =?iso-8859-1?Q?r0gqf6B/tIc/uDB/8y8sIHCgOGNwayyBNBSA1JE6fA3qx1AGXTOQXBlpvB?= =?iso-8859-1?Q?upQv6c/dTsWLclOKwk67QW0FOyjelqUnXMKJT+pWNqQj1h2ljz2Uxsq8qx?= =?iso-8859-1?Q?uPUX68jF9tKmTck6hExV9jpbAyjTQwyjKTXPQlgmJR+aRNkQK5UaMHIXbz?= =?iso-8859-1?Q?7qamUpHOwhqSYAXwCh/+nYg3uG1OeFRoXPTcK4Gtllky1MZL+Oh031jc+Q?= =?iso-8859-1?Q?Cy7gOHu3THP1UknUOrrukeKb8XKoymVpC0rElJZxvnQINF0pvLUWut10T2?= =?iso-8859-1?Q?MS6vv6uObh6lHw6OGsV+C1EZTHsoAOt8DlvE7K0a4j+zaKPxYPTupTJAJO?= =?iso-8859-1?Q?ms3AoZXjTvPjuWMAqhUfO5MyrZV9eFsU8gMoYY4KLfkNZmhZldRr63hhzq?= =?iso-8859-1?Q?EJEqCIds4Du1DLeQqQ+ZgtnGVdSH1k9+GX3Woj4Lti8IebJzMsVDrokOle?= =?iso-8859-1?Q?sZbj6Bw5Vjy3Do75Ji+J23K+qHKtmBGwNo6jUeIeoI0Q96XWm79B9fHfyE?= =?iso-8859-1?Q?CoS2QsYjQQy2KrcKcYQQYjqWnPyfc3161Oz7OOVPlEQUwfdawMzOTENCBM?= =?iso-8859-1?Q?Gp7DdCoKbc2WHMr8zBw2CWdTUPjdRSXmrpbw0u5YWMahQg9xYjwH+AiFYm?= =?iso-8859-1?Q?6w7N1ki+/QIy2CBr7K1Mp742W8zTvcYgI9USm8un3Y6KGdZ8pqXKr8VaEa?= =?iso-8859-1?Q?Bmq3PuL7/4G30g0F7zKECZjlxMQSRSWfI056SlNn1C4j2NAyvIp0NePqgD?= =?iso-8859-1?Q?/5e5hoQ6r5r8ytj8voxw6RmMz5UjcAOP7iFy/ucXVxr6gLUkTT66cwHDY7?= =?iso-8859-1?Q?TK1hGGWJPzp3w2NtBJ+eVBNnlKsUu5N99guMj5Qypr+6YuYT+NXUqHfTm+?= =?iso-8859-1?Q?ku54p0mbpb3fi1o5YlK8yIkM6GRsyIGCzbeJ8/77BqpeYXqOaMx1Pc7Bj/?= =?iso-8859-1?Q?toloRjlCmmlg/l00a/edZq4VNVCzNSffE6+1jl94ArQJKfbyqwFBdvQCjj?= =?iso-8859-1?Q?CYjYfrcD3Q27X9X1VSTqN2Kranvct/Tt6p+b3O2oeHQ3ukmJa4mk2GqKFd?= =?iso-8859-1?Q?xMGA6UIvUdbtObgsNGIGgKVFUy4s421pOsA8u3FlnUjY6ACT5JmceDoaoT?= =?iso-8859-1?Q?dIFK024E2FKFvCoRUrEYsystOuFozIZ4cu84hCEKBzoIkSmYlt3yCYHrbE?= =?iso-8859-1?Q?1JSN1N2wkmOUttL0pzcXr3dSKsMBiyQa8/X9S9dtswhyCmf+8ZaoclyZ9j?= =?iso-8859-1?Q?Ci8KPKhWikgZTwT9GmkaIuR8vQNcc25aqmou7jITe+vNjH57riQ5dcEeS9?= =?iso-8859-1?Q?3x5ixoEKkEtQNqkSjwixQwVpEXZXumN2KAwh0NpjTKdXpf4ZrxAMoi4FTK?= =?iso-8859-1?Q?wLakINh6R4G3Jhst4nGdEQFRQAjKcA9HSbc7cSGaer0gVxTHylXVT+6702?= =?iso-8859-1?Q?nVh7j+TuRPSbNxCGRcoGAYq/kkM9SPp5mJND21LmdgjgOpy+IQBcdpYcSR?= =?iso-8859-1?Q?cSVgPsl4nXLq3i/BhR+M2AF4Wl9+aZo7JCFpngERtHFGzsRQywy2/90Fmc?= =?iso-8859-1?Q?/7Fmt80f6kSufHWkVfAknOhWvvDG4jCONmAQeZU/b2i5L1scO1/X7aBQ?= =?iso-8859-1?Q?=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: ami.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO1PR10MB4594.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 37480ca6-57c3-487e-85a6-08dc76672dfc X-MS-Exchange-CrossTenant-originalarrivaltime: 17 May 2024 11:47:50.4555 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 27e97857-e15f-486c-b58e-86c2b3040f93 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: zTjzYNCpzpgDMwsdyOHFKm79KyvWMGcTOJvGaafUv0d3I71Jwks8sTLvVz+EZgtIN+nwArCDElw4isITAoMdDA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR10MB4191 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 17 May 2024 10:55:06 -0700 Resent-From: sountharyan@ami.com Reply-To: devel@edk2.groups.io,sountharyan@ami.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: m28CYvBXAl9kL5r2xHbLO7xLx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=ti0lT70r; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=pass (policy=none) header.from=groups.io REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4509 In ASN1_get_object(), Inf should compare with 0x80 instead of 0x00. Cc: Sountharya N Signed-off-by: Sountharya N --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr= ary/BaseCryptLib/Pk/CryptX509.c index 1182323b63..021cc328f8 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length =3D 0; Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) || (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert =3D (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCla= ss, (long)Length); + Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *= )&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) || (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2 -The information contained in this message may be confidential and propriet= ary to American Megatrends (AMI). This communication is intended to be read= only by the individual or entity to whom it is addressed or by their desig= nee. If the reader of this message is not the intended recipient, you are o= n notice that any distribution of this message, in any form, is strictly pr= ohibited. Please promptly notify the sender by reply e-mail or by telephone= at 770-246-8600, and then delete or destroy all copies of the transmission= . -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119054): https://edk2.groups.io/g/devel/message/119054 Mute This Topic: https://groups.io/mt/106158469/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-