From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <roman.bacik@broadcom.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2a00:1450:400c:c09::244; helo=mail-wm0-x244.google.com;
 envelope-from=roman.bacik@broadcom.com; receiver=edk2-devel@lists.01.org 
Received: from mail-wm0-x244.google.com (mail-wm0-x244.google.com
 [IPv6:2a00:1450:400c:c09::244])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id D85E220336AA3
 for <edk2-devel@lists.01.org>; Mon,  9 Jul 2018 15:12:40 -0700 (PDT)
Received: by mail-wm0-x244.google.com with SMTP id v128-v6so5033578wme.5
 for <edk2-devel@lists.01.org>; Mon, 09 Jul 2018 15:12:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google;
 h=mime-version:from:date:message-id:subject:to:cc;
 bh=FSp+A58BIadhmy2n1CbnAXJxVgbGCRqeMgFznGiXSo0=;
 b=c3YUx73nMcNS6YU1/HKAsSF0le5cfIlFpiLL2om4E/WOSvlUvp4HDFDchmTplUSqaz
 b1mLuNyafym+bqBBYunMPvK5HjWJIib4NNeWuxgmQUvJweC7s04mCgUg/xs9n5Bc6Wt4
 fX8rOs7CLEL+7naV4eva9sSRIdyM5o01wGRlQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
 bh=FSp+A58BIadhmy2n1CbnAXJxVgbGCRqeMgFznGiXSo0=;
 b=Ux1wOJC2xjaxe/+tFEDG0VgR0lZx6u/cEuVd6eAKzjPdPTMSxY9YdxvXGvf57g3PQ9
 GDIBFhjHLp/TCO+vv9hvhDa5V7O7Mf5hELefnTbJerKUhB9CnGVecqfdf9W9pMcmyQzs
 DugV0b84EljL3c4l6zvDRxNruM1COSIMiGcGkIncDaRpl71QsbaS3HS0pu3fwzsZq/5l
 9bxzBAclcSq827XJVGuh4HIqC8XNOQ4Tb5iEpF/BhAJJbH99ZC5I1GdcRioXwrUjn7ld
 /BK/ReL3SVkQ8QcHbBAgvac7TYBJlc3H6KmDJx67q0JhatbbJDBJRmR4FlVSCAEpIjqu
 S70w==
X-Gm-Message-State: APt69E04mYyuGm4jntKoRQ+HaVPEOdiCrQGymFcjosIMDyKyv54uA3tK
 mxFIo7TK6Ma24uHhAwuc9z76AZKgyKDVwPKyyyRuxv9W
X-Google-Smtp-Source: AAOMgpeRNGvdfjTU8gqx3ps8nyOn4qxxLQ5/PKjv/UiH7dKU/OaIEn+vpUD5K+XKDPAREmDsHMoxM8HjyhSBFouEGWA=
X-Received: by 2002:a1c:6d94:: with SMTP id
 b20-v6mr13087562wmi.28.1531174358542; 
 Mon, 09 Jul 2018 15:12:38 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:adf:f505:0:0:0:0:0 with HTTP;
 Mon, 9 Jul 2018 15:11:58 -0700 (PDT)
From: Roman Bacik <roman.bacik@broadcom.com>
Date: Mon, 9 Jul 2018 15:11:58 -0700
Message-ID: <CAGQAs7w8MweELynk1XDHTKWAOs1_2GFLwbtj=4-rAqMaUEH-nQ@mail.gmail.com>
To: edk2-devel@lists.01.org
Cc: Chao Zhang <chao.b.zhang@intel.com>, Jiewen Yao <jiewen.yao@intel.com>, 
 Laszlo Ersek <lersek@redhat.com>, 
 Vladimir Olovyannikov <vladimir.olovyannikov@broadcom.com>
X-Content-Filtered-By: Mailman/MimeDel 2.1.27
Subject: [PATCH v1] SecurityPkg: Fix assert when setting key from FAT formatted eMMC/SD/USB
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2018 22:12:41 -0000
Content-Type: text/plain; charset="UTF-8"

When secure boot is enabled, if one loads keys from a FAT formatted
eMMC/SD/USB
when trying to provision PK/KEK/DB keys via the menu, an assert in StrLen()
occurs.
This is because the filename starts on odd address, which is not a uint16
aligned
boundary: https://bugzilla.tianocore.org/show_bug.cgi?id=1003

Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Vladimir Olovyannikov <vladimir.olovyannikov@broadcom.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Roman Bacik <roman.bacik@broadcom.com>
---
 .../SecureBootConfigFileExplorer.c                   | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
index 1b6f88804275..d5338406957c 100644
---
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
+++
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
@@ -123,6 +123,8 @@ OpenFileByDevicePath(
   EFI_FILE_PROTOCOL               *Handle1;
   EFI_FILE_PROTOCOL               *Handle2;
   EFI_HANDLE                      DeviceHandle;
+  CHAR16                          *PathName;
+  UINT16                          PathLength;

   if ((FilePath == NULL || FileHandle == NULL)) {
     return EFI_INVALID_PARAMETER;
@@ -173,6 +175,10 @@ OpenFileByDevicePath(
     //
     Handle2  = Handle1;
     Handle1 = NULL;
+    PathLength = ((FILEPATH_DEVICE_PATH*)*FilePath)->Header.Length[0] |
+                 ((FILEPATH_DEVICE_PATH*)*FilePath)->Header.Length[1] << 8;
+    PathName = AllocateZeroPool (PathLength);
+    CopyMem (PathName, ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,
PathLength);

     //
     // Try to test opening an existing file
@@ -180,7 +186,7 @@ OpenFileByDevicePath(
     Status = Handle2->Open (
                           Handle2,
                           &Handle1,
-                          ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,
+                          PathName,
                           OpenMode &~EFI_FILE_MODE_CREATE,
                           0
                          );
@@ -192,7 +198,7 @@ OpenFileByDevicePath(
       Status = Handle2->Open (
                             Handle2,
                             &Handle1,
-                            ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,
+                            PathName,
                             OpenMode,
                             Attributes
                            );
@@ -202,6 +208,8 @@ OpenFileByDevicePath(
     //
     Handle2->Close (Handle2);

+    FreePool (PathName);
+
     if (EFI_ERROR(Status)) {
       return (Status);
     }
-- 
2.17.1