From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: redhat.com, ip: 209.132.183.28, mailfrom: lersek@redhat.com) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by groups.io with SMTP; Mon, 15 Jul 2019 14:58:20 -0700 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 09CDF3E2BB; Mon, 15 Jul 2019 21:58:20 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-117-21.ams2.redhat.com [10.36.117.21]) by smtp.corp.redhat.com (Postfix) with ESMTP id 024C25B681; Mon, 15 Jul 2019 21:58:16 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH 3/3] OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling From: "Laszlo Ersek" To: Jordan Justen Cc: edk2-devel-groups-io , Ard Biesheuvel , =?UTF-8?Q?Philippe_Mathieu-Daud=c3=a9?= Reply-To: devel@edk2.groups.io, lersek@redhat.com References: <20190702102836.27589-1-lersek@redhat.com> <20190702102836.27589-4-lersek@redhat.com> Message-ID: <4077dc6e-a80e-3b0b-39b8-a407bac4a010@redhat.com> Date: Mon, 15 Jul 2019 23:58:15 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20190702102836.27589-4-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Mon, 15 Jul 2019 21:58:20 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable Jordan, can you please ACK this one patch in the series? Thanks! Laszlo On 07/02/19 12:28, Laszlo Ersek wrote: > Base64Decode() now guarantees that DestinationSize is larger on output > than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean up t= he > retval handling for the first Base64Decode() call in EnrollDefaultKeys, > which used to work around the ambiguity in the previous Base64Decode() > interface contract. >=20 > Cc: Ard Biesheuvel > Cc: Jordan Justen > Cc: Philippe Mathieu-Daud=C3=A9 > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1891 > Signed-off-by: Laszlo Ersek > --- > OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++-------- > 1 file changed, 2 insertions(+), 8 deletions(-) >=20 > diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/En= rollDefaultKeys/EnrollDefaultKeys.c > index f45cb799f726..302b80d97720 100644 > --- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c > +++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c > @@ -154,14 +154,8 @@ GetPkKek1 ( > Status =3D Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCe= rtSize); > switch (Status) { > case EFI_BUFFER_TOO_SMALL: > - if (DecodedCertSize > 0) { > - break; > - } > - // > - // Fall through: the above Base64Decode() call is ill-specified in= BaseLib > - // if Source decodes to zero bytes (for example if it consists of = ignored > - // whitespace only). > - // > + ASSERT (DecodedCertSize > 0); > + break; > case EFI_SUCCESS: > AsciiPrint ("error: empty certificate after app prefix %g\n", > &gOvmfPkKek1AppPrefixGuid); >=20