From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=jiaxin.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 29E492194D387 for ; Wed, 17 Oct 2018 20:39:36 -0700 (PDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Oct 2018 20:39:36 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.54,395,1534834800"; d="scan'208";a="273390558" Received: from fmsmsx105.amr.corp.intel.com ([10.18.124.203]) by fmsmga006.fm.intel.com with ESMTP; 17 Oct 2018 20:39:36 -0700 Received: from fmsmsx117.amr.corp.intel.com (10.18.116.17) by FMSMSX105.amr.corp.intel.com (10.18.124.203) with Microsoft SMTP Server (TLS) id 14.3.319.2; Wed, 17 Oct 2018 20:39:34 -0700 Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by fmsmsx117.amr.corp.intel.com (10.18.116.17) with Microsoft SMTP Server (TLS) id 14.3.319.2; Wed, 17 Oct 2018 20:39:33 -0700 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.111]) by SHSMSX104.ccr.corp.intel.com ([169.254.5.183]) with mapi id 14.03.0319.002; Thu, 18 Oct 2018 11:39:09 +0800 From: "Wu, Jiaxin" To: "Ye, Ting" , "edk2-devel@lists.01.org" CC: "Fu, Siyuan" Thread-Topic: [edk2] [Patch] NetworkPkg/IpSecDxe: Fix issue to parse SA Payload. Thread-Index: AQHUZPBfuoM8y4zggEG1+lWRlNdJVaUj1JcAgACJoVA= Date: Thu, 18 Oct 2018 03:39:09 +0000 Message-ID: <895558F6EA4E3B41AC93A00D163B7274164CE650@SHSMSX103.ccr.corp.intel.com> References: <20181016013410.3044-1-Jiaxin.wu@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiYWM5NGVmZGQtZGExOC00OGVjLWFhODktZDY1NzdkMzFiMmExIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiVm12NFB2bTlRTnl4bzltXC96bUx5VVBoZUxZSlNudFpKQThIZUNybFVQUEM5WnRmQXpJQ3BLRlZHZzFmaE9PZVkifQ== x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.0.400.15 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [Patch] NetworkPkg/IpSecDxe: Fix issue to parse SA Payload. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Oct 2018 03:39:37 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Thanks Ting, I will update the comments against the function. > -----Original Message----- > From: Ye, Ting > Sent: Thursday, October 18, 2018 11:26 AM > To: Wu, Jiaxin ; edk2-devel@lists.01.org > Cc: Fu, Siyuan ; Wu, Jiaxin > Subject: RE: [edk2] [Patch] NetworkPkg/IpSecDxe: Fix issue to parse SA > Payload. >=20 > Hi Jiaxin, >=20 > I am confused why we need set values to following local variables when > Ikev2ParseProposalData marks them as 'out' attribute. Please adds more > comments why '0' is required and updates 'out' to 'in out' if '0' is nece= ssary. >=20 > + IntegrityAlgorithm =3D 0; > + EncryptAlgorithm =3D 0; > + EncryptKeylength =3D 0; > + IsSupportEsn =3D FALSE; >=20 > Thanks, > Ting >=20 > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of > Jiaxin Wu > Sent: Tuesday, October 16, 2018 9:34 AM > To: edk2-devel@lists.01.org > Cc: Ye, Ting ; Fu, Siyuan ; Wu, > Jiaxin > Subject: [edk2] [Patch] NetworkPkg/IpSecDxe: Fix issue to parse SA Payloa= d. >=20 > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1251 >=20 > IpSecDxe failed to create the Child SA during parsing SA Payload, the iss= ue > was caused by the below commit: >=20 > SHA-1: 1e0db7b11987d0ec93be7dfe26102a327860fdbd > * MdeModulePkg/NetworkPkg: Checking for NULL pointer before use. >=20 > In above commit, it changed the value of IsMatch in > Ikev2ChildSaParseSaPayload() to FALSE. That's correct but it exposed the > potential bug in to match the correct proposal Data, which will cause the > issue happen. >=20 > Cc: Fu Siyuan > Cc: Ye Ting > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Wu Jiaxin > --- > NetworkPkg/IpSecDxe/Ikev2/Utility.c | 9 +++++---- > 1 file changed, 5 insertions(+), 4 deletions(-) >=20 > diff --git a/NetworkPkg/IpSecDxe/Ikev2/Utility.c > b/NetworkPkg/IpSecDxe/Ikev2/Utility.c > index 0c9c929705..d61bae8c9d 100644 > --- a/NetworkPkg/IpSecDxe/Ikev2/Utility.c > +++ b/NetworkPkg/IpSecDxe/Ikev2/Utility.c > @@ -2502,15 +2502,16 @@ Ikev2ChildSaParseSaPayload ( > IntegrityAlgorithm =3D=3D PreferIntegrityAlgorithm && > IsSupportEsn =3D=3D PreferIsSupportEsn > ) { > IsMatch =3D TRUE; > } else { > - PreferEncryptAlgorithm =3D 0; > - PreferIntegrityAlgorithm =3D 0; > - IsSupportEsn =3D TRUE; > + IntegrityAlgorithm =3D 0; > + EncryptAlgorithm =3D 0; > + EncryptKeylength =3D 0; > + IsSupportEsn =3D FALSE; > } > - ProposalData =3D (IKEV2_PROPOSAL_DATA*)((UINT8*)(ProposalData + 1= ) > + > + ProposalData =3D (IKEV2_PROPOSAL_DATA*)((UINT8*)(ProposalData + 1) > + + > ProposalData->NumTransforms * sizeof > (IKEV2_TRANSFORM_DATA)); > } >=20 > ProposalData =3D (IKEV2_PROPOSAL_DATA *)((IKEV2_SA_DATA > *)SaPayload->PayloadBuf + 1); > if (IsMatch) { > -- > 2.17.1.windows.2 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel