Re: [PATCH 03/13] NetworkPkg/TlsDxe: verify DataSize for EfiTlsCipherList

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Fu, Siyuan" <siyuan.fu@intel.com>
To: Laszlo Ersek <lersek@redhat.com>,
	edk2-devel-01 <edk2-devel@lists.01.org>
Cc: "Wu, Jiaxin" <jiaxin.wu@intel.com>
Subject: Re: [PATCH 03/13] NetworkPkg/TlsDxe: verify DataSize for EfiTlsCipherList
Date: Tue, 10 Apr 2018 01:51:19 +0000	[thread overview]
Message-ID: <B1FF2E9001CE9041BD10B825821D5BC58B4930F1@SHSMSX103.ccr.corp.intel.com> (raw)
In-Reply-To: <20180403145149.8925-4-lersek@redhat.com>

Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>



> -----Original Message-----
> From: Laszlo Ersek [mailto:lersek@redhat.com]
> Sent: Tuesday, April 3, 2018 10:52 PM
> To: edk2-devel-01 <edk2-devel@lists.01.org>
> Cc: Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: [PATCH 03/13] NetworkPkg/TlsDxe: verify DataSize for
> EfiTlsCipherList
> 
> TlsSetSessionData() shouldn't just ignore an incomplete EFI_TLS_CIPHER
> element at the end of "Data":
> 
> - Generally speaking, malformed input for a security API is best rejected
>   explicitly.
> 
> - Specifically speaking, the size of EFI_TLS_CIPHER is 2 bytes. If
>   DataSize is 1 on input, then the initial check for (DataSize == 0) will
>   fail, but then TlsSetCipherList() will be called with CipherNum=0.
> 
> Return EFI_INVALID_PARAMETER from TlsSetSessionData() if "Data" doesn't
> contain a whole number of EFI_TLS_CIPHER elements. While at it, introduce
> the dedicated variable CipherCount.
> 
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Siyuan Fu <siyuan.fu@intel.com>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=915
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
> ---
>  NetworkPkg/TlsDxe/TlsProtocol.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/NetworkPkg/TlsDxe/TlsProtocol.c
> b/NetworkPkg/TlsDxe/TlsProtocol.c
> index ad4c922c60bd..a5f95a098345 100644
> --- a/NetworkPkg/TlsDxe/TlsProtocol.c
> +++ b/NetworkPkg/TlsDxe/TlsProtocol.c
> @@ -35,12 +35,13 @@ EFI_TLS_PROTOCOL  mTlsProtocol = {
> 
>    @retval EFI_SUCCESS             The TLS session data is set
> successfully.
>    @retval EFI_INVALID_PARAMETER   One or more of the following conditions
> is TRUE:
>                                    This is NULL.
>                                    Data is NULL.
>                                    DataSize is 0.
> +                                  DataSize is invalid for DataType.
>    @retval EFI_UNSUPPORTED         The DataType is unsupported.
>    @retval EFI_ACCESS_DENIED       If the DataType is one of below:
>                                    EfiTlsClientRandom
>                                    EfiTlsServerRandom
>                                    EfiTlsKeyMaterial
>    @retval EFI_NOT_READY           Current TLS session state is NOT
> @@ -56,12 +57,13 @@ TlsSetSessionData (
>    IN     UINTN                         DataSize
>    )
>  {
>    EFI_STATUS                Status;
>    TLS_INSTANCE              *Instance;
>    UINT16                    *CipherId;
> +  UINTN                     CipherCount;
>    UINTN                     Index;
> 
>    EFI_TPL                   OldTpl;
> 
>    Status = EFI_SUCCESS;
>    CipherId = NULL;
> @@ -97,23 +99,29 @@ TlsSetSessionData (
>        goto ON_EXIT;
>      }
> 
>      Status = TlsSetConnectionEnd (Instance->TlsConn,
> *((EFI_TLS_CONNECTION_END *) Data));
>      break;
>    case EfiTlsCipherList:
> +    if (DataSize % sizeof (EFI_TLS_CIPHER) != 0) {
> +      Status = EFI_INVALID_PARAMETER;
> +      goto ON_EXIT;
> +    }
> +
>      CipherId = AllocatePool (DataSize);
>      if (CipherId == NULL) {
>        Status = EFI_OUT_OF_RESOURCES;
>        goto ON_EXIT;
>      }
> 
> -    for (Index = 0; Index < DataSize / sizeof (EFI_TLS_CIPHER); Index++)
> {
> +    CipherCount = DataSize / sizeof (EFI_TLS_CIPHER);
> +    for (Index = 0; Index < CipherCount; Index++) {
>        *(CipherId +Index) = HTONS (*(((UINT16 *) Data) + Index));
>      }
> 
> -    Status = TlsSetCipherList (Instance->TlsConn, CipherId, DataSize /
> sizeof (EFI_TLS_CIPHER));
> +    Status = TlsSetCipherList (Instance->TlsConn, CipherId, CipherCount);
> 
>      FreePool (CipherId);
>      break;
>    case EfiTlsCompressionMethod:
>      //
>      // TLS seems only define one CompressionMethod.null, which specifies
> that data exchanged via the
> --
> 2.14.1.3.gb7cf6e02401b
>

next prev parent reply	other threads:[~2018-04-10  1:51 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-03 14:51 [PATCH 00/13] {Ovmf, Mde, Network, Crypto}Pkg: fixes+features for setting HTTPS cipher suites Laszlo Ersek
2018-04-03 14:51 ` [PATCH 01/13] OvmfPkg/TlsAuthConfigLib: configure trusted cipher suites for HTTPS boot Laszlo Ersek
2018-04-03 14:51 ` [PATCH 02/13] MdePkg/Include/Protocol/Tls.h: pack structures from the TLS RFC Laszlo Ersek
2018-04-03 15:08   ` Gao, Liming
2018-04-04 10:32     ` Laszlo Ersek
2018-04-10  1:51   ` Fu, Siyuan
2018-04-03 14:51 ` [PATCH 03/13] NetworkPkg/TlsDxe: verify DataSize for EfiTlsCipherList Laszlo Ersek
2018-04-10  1:51   ` Fu, Siyuan [this message]
2018-04-03 14:51 ` [PATCH 04/13] NetworkPkg/TlsDxe: clean up byte order conversion " Laszlo Ersek
2018-04-10  1:53   ` Fu, Siyuan
2018-04-03 14:51 ` [PATCH 05/13] CryptoPkg/TlsLib: replace TlsGetCipherString() with TlsGetCipherMapping() Laszlo Ersek
2018-04-03 14:51 ` [PATCH 06/13] CryptoPkg/TlsLib: use binary search in the TlsGetCipherMapping() function Laszlo Ersek
2018-04-03 14:51 ` [PATCH 07/13] CryptoPkg/TlsLib: pre-compute OpensslCipherLength in TlsCipherMappingTable Laszlo Ersek
2018-04-03 14:51 ` [PATCH 08/13] CryptoPkg/TlsLib: add the "TlsMappingTable.sh" POSIX shell script Laszlo Ersek
2018-04-03 14:51 ` [PATCH 09/13] CryptoPkg/TlsLib: extend "TlsCipherMappingTable" Laszlo Ersek
2018-04-03 14:51 ` [PATCH 10/13] CryptoPkg/TlsLib: sort [LibraryClasses] section in the INF file Laszlo Ersek
2018-04-03 14:51 ` [PATCH 11/13] CryptoPkg/TlsLib: sanitize lib classes in internal header and INF Laszlo Ersek
2018-04-03 14:51 ` [PATCH 12/13] CryptoPkg/TlsLib: clean up leading comment for TlsSetCipherList() Laszlo Ersek
2018-04-03 14:51 ` [PATCH 13/13] CryptoPkg/TlsLib: rewrite TlsSetCipherList() Laszlo Ersek
2018-04-10  4:09 ` [PATCH 00/13] {Ovmf, Mde, Network, Crypto}Pkg: fixes+features for setting HTTPS cipher suites Wu, Jiaxin
2018-04-10  7:40   ` Long, Qin
2018-04-10 10:02     ` Laszlo Ersek
2018-04-10 10:10       ` Laszlo Ersek
2018-04-10 16:56         ` Long, Qin
2018-04-10  9:47   ` Laszlo Ersek
2018-04-10 17:06     ` Long, Qin
2018-04-10 20:06       ` Laszlo Ersek
2018-04-11  1:59         ` Wu, Jiaxin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=B1FF2E9001CE9041BD10B825821D5BC58B4930F1@SHSMSX103.ccr.corp.intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox