Re: [PATCH v1] SecurityPkg: Fix assert when setting key from FAT formatted eMMC/SD/USB

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: Laszlo Ersek <lersek@redhat.com>
To: Roman Bacik <roman.bacik@broadcom.com>, edk2-devel@lists.01.org
Cc: Chao Zhang <chao.b.zhang@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Vladimir Olovyannikov <vladimir.olovyannikov@broadcom.com>
Subject: Re: [PATCH v1] SecurityPkg: Fix assert when setting key from FAT formatted eMMC/SD/USB
Date: Tue, 10 Jul 2018 02:24:49 +0200	[thread overview]
Message-ID: <9160437f-6dbd-ec35-71a4-f6aa2a305881@redhat.com> (raw)
In-Reply-To: <4e3b21af-4aeb-1524-df25-a1d7e08fdc94@redhat.com>

On 07/10/18 02:02, Laszlo Ersek wrote:
> On 07/10/18 00:11, Roman Bacik wrote:

>> +    PathName = AllocateZeroPool (PathLength);
>> +    CopyMem (PathName, ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,
>> PathLength);
> 
> (3) I think it's not necessary to zero-fill the buffer, we're going to
> overwrite it right after the allocation.
> 
> There's a convenience function for that: AllocateCopyPool().
> 
> (4) The number of bytes is not correct IMO. "PathLength" stands for the
> number of bytes in the entire device path node (FILEPATH_DEVICE_PATH),
> including Header and PathName. So, for getting the number of bytes in
> just PathName, we should subtract the size of Header.
> 
> Presently, we over-read the source buffer; it's not causing problems
> because PathName is NUL-terminated.

Sorry, I was unclear; I meant there were no *observable* problems. The
over-read of the source buffer results in garbage at the end of the
target buffer, which are later not consumed due to the terminating NUL
appearing earlier. Still, we should not over-read the source buffer.

Thanks
Laszlo

next prev parent reply	other threads:[~2018-07-10  0:24 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-07-09 22:11 [PATCH v1] SecurityPkg: Fix assert when setting key from FAT formatted eMMC/SD/USB Roman Bacik
2018-07-10  0:02 ` Laszlo Ersek
2018-07-10  0:24   ` Laszlo Ersek [this message]
2018-07-10  0:30     ` Roman Bacik

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9160437f-6dbd-ec35-71a4-f6aa2a305881@redhat.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox