From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web09.4061.1581586571563456650 for ; Thu, 13 Feb 2020 01:36:11 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: jiewen.yao@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Feb 2020 01:36:10 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,436,1574150400"; d="scan'208";a="257118134" Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201]) by fmsmga004.fm.intel.com with ESMTP; 13 Feb 2020 01:36:10 -0800 Received: from fmsmsx117.amr.corp.intel.com (10.18.116.17) by FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS) id 14.3.439.0; Thu, 13 Feb 2020 01:36:10 -0800 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by fmsmsx117.amr.corp.intel.com (10.18.116.17) with Microsoft SMTP Server (TLS) id 14.3.439.0; Thu, 13 Feb 2020 01:36:09 -0800 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.126]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.158]) with mapi id 14.03.0439.000; Thu, 13 Feb 2020 17:36:08 +0800 From: "Yao, Jiewen" To: "Wang, Jian J" , "devel@edk2.groups.io" CC: "Zhang, Chao B" , Laszlo Ersek Subject: Re: [PATCH 2/9] SecurityPkg/DxeImageVerificationLib: reject CertStack.CertNumber==0 per DBX(CVE-2019-14575) Thread-Topic: [PATCH 2/9] SecurityPkg/DxeImageVerificationLib: reject CertStack.CertNumber==0 per DBX(CVE-2019-14575) Thread-Index: AQHV3Ph4mOf1brWkI0OFRYPZr4K8JKgY5/Ig Date: Thu, 13 Feb 2020 09:36:07 +0000 Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503F92CB72@shsmsx102.ccr.corp.intel.com> References: <20200206141933.356-1-jian.j.wang@intel.com> <20200206141933.356-3-jian.j.wang@intel.com> In-Reply-To: <20200206141933.356-3-jian.j.wang@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.2.0.6 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: jiewen.yao@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen Yao > -----Original Message----- > From: Wang, Jian J > Sent: Thursday, February 6, 2020 10:19 PM > To: devel@edk2.groups.io > Cc: Yao, Jiewen ; Zhang, Chao B > ; Laszlo Ersek > Subject: [PATCH 2/9] SecurityPkg/DxeImageVerificationLib: reject > CertStack.CertNumber=3D=3D0 per DBX(CVE-2019-14575) >=20 > In case the signers' certificate stack, retrieved from the PE/COFF image'= s > Authenticode blob, has zero elements (=3D there are zero signer certifica= tes), > then we should consider the image forbidden by DBX, not accepted by DBX. >=20 > Cc: Jiewen Yao > Cc: Chao Zhang > Signed-off-by: Jian J Wang > Reviewed-by: Laszlo Ersek > --- > .../Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) >=20 > diff --git > a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c > b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c > index 74dbffa122..5dcd6efed5 100644 > --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib= .c > +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib= .c > @@ -1326,7 +1326,7 @@ IsForbiddenByDbx ( > // UINT8 Certn[]; >=20 > // >=20 > Pkcs7GetSigners (AuthData, AuthDataSize, &CertBuffer, &BufferLength, > &TrustedCert, &TrustedCertLength); >=20 > - if ((BufferLength =3D=3D 0) || (CertBuffer =3D=3D NULL)) { >=20 > + if ((BufferLength =3D=3D 0) || (CertBuffer =3D=3D NULL) || (*CertBuffe= r) =3D=3D 0) { >=20 > IsForbidden =3D TRUE; >=20 > goto Done; >=20 > } >=20 > -- > 2.24.0.windows.2