From: "Guo, Gua" <gua.guo@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
"Guo, Gua" <gua.guo@intel.com>, Gerd Hoffmann <kraxel@redhat.com>,
"Mathews, John" <john.mathews@intel.com>,
"Zimmer, Vincent" <vincent.zimmer@intel.com>
Cc: "ardb+tianocore@kernel.org" <ardb+tianocore@kernel.org>
Subject: Re: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob()
Date: Thu, 11 Jan 2024 08:35:37 +0000 [thread overview]
Message-ID: <BL1PR11MB5478519756DCCA8277CC4C46EF682@BL1PR11MB5478.namprd11.prod.outlook.com> (raw)
In-Reply-To: <17A9331C4FE606BC.28944@groups.io>
CC: @Mathews, John and @Zimmer, Vincent
Hi @Gerd Hoffmann
My company teammate share me your patch can resolved https://bugzilla.tianocore.org/show_bug.cgi?id=4166. So the signed-off name is your name.
If you have any concern, you can also share for me, if you don't have concern please also let me know, before merging it.
It's PR https://github.com/tianocore/edk2/pull/5252/
Thanks,
Gua
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Guo, Gua
Sent: Thursday, January 11, 2024 1:15 PM
To: devel@edk2.groups.io
Cc: Guo, Gua <gua.guo@intel.com>
Subject: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob()
From: Gua Guo <gua.guo@intel.com>
Fix Integer Overflow for CVE-2022-36765
1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in CreateHob()
Gerd Hoffmann (4):
UefiPayloadPkg/Hob: Integer Overflow in CreateHob()
StandaloneMmPkg/Hob: Integer Overflow in CreateHob()
EmbeddedPkg/Hob: Integer Overflow in CreateHob()
MdeModulePkg/Hob: Integer Overflow in CreateHob()
EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++++++
MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +-
.../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++++++
UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++++++
4 files changed, 19 insertions(+), 1 deletion(-)
--
2.39.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113593): https://edk2.groups.io/g/devel/message/113593
Mute This Topic: https://groups.io/mt/103657270/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next parent reply other threads:[~2024-01-11 8:35 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <17A9331C4FE606BC.28944@groups.io>
2024-01-11 8:35 ` Guo, Gua [this message]
2024-01-11 8:43 ` [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() Ard Biesheuvel
2024-01-11 5:15 Guo, Gua
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BL1PR11MB5478519756DCCA8277CC4C46EF682@BL1PR11MB5478.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox