* Re: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() [not found] <17A9331C4FE606BC.28944@groups.io> @ 2024-01-11 8:35 ` Guo, Gua 2024-01-11 8:43 ` Ard Biesheuvel 0 siblings, 1 reply; 3+ messages in thread From: Guo, Gua @ 2024-01-11 8:35 UTC (permalink / raw) To: devel@edk2.groups.io, Guo, Gua, Gerd Hoffmann, Mathews, John, Zimmer, Vincent Cc: ardb+tianocore@kernel.org CC: @Mathews, John and @Zimmer, Vincent Hi @Gerd Hoffmann My company teammate share me your patch can resolved https://bugzilla.tianocore.org/show_bug.cgi?id=4166. So the signed-off name is your name. If you have any concern, you can also share for me, if you don't have concern please also let me know, before merging it. It's PR https://github.com/tianocore/edk2/pull/5252/ Thanks, Gua -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Guo, Gua Sent: Thursday, January 11, 2024 1:15 PM To: devel@edk2.groups.io Cc: Guo, Gua <gua.guo@intel.com> Subject: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() From: Gua Guo <gua.guo@intel.com> Fix Integer Overflow for CVE-2022-36765 1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in CreateHob() Gerd Hoffmann (4): UefiPayloadPkg/Hob: Integer Overflow in CreateHob() StandaloneMmPkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Hob: Integer Overflow in CreateHob() MdeModulePkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++++++ MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +- .../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++++++ UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++++++ 4 files changed, 19 insertions(+), 1 deletion(-) -- 2.39.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113593): https://edk2.groups.io/g/devel/message/113593 Mute This Topic: https://groups.io/mt/103657270/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() 2024-01-11 8:35 ` [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() Guo, Gua @ 2024-01-11 8:43 ` Ard Biesheuvel 0 siblings, 0 replies; 3+ messages in thread From: Ard Biesheuvel @ 2024-01-11 8:43 UTC (permalink / raw) To: devel, gua.guo; +Cc: Gerd Hoffmann, Mathews, John, Zimmer, Vincent On Thu, 11 Jan 2024 at 09:35, Guo, Gua <gua.guo@intel.com> wrote: > > CC: @Mathews, John and @Zimmer, Vincent > > Hi @Gerd Hoffmann > > My company teammate share me your patch can resolved https://bugzilla.tianocore.org/show_bug.cgi?id=4166. So the signed-off name is your name. > Again, a signed-off-by line is *not* a statement of authorship. You *cannot* add it on someone else's behalf if you want to credit the author. A signed-off-by line is a statement by the contributor of the code to indicate that the contributed code is made available under conditions that are in agreement with the open source license of the project. If you want to credit the author, you can mention their name in the commit log, or add some other tag (authored-by, for example). If you want to contribute code by another author, and you know you are able to do so under the terms, you should indicate so by adding your own signed-off line to the patch. Thanks, Ard. > If you have any concern, you can also share for me, if you don't have concern please also let me know, before merging it. > > It's PR https://github.com/tianocore/edk2/pull/5252/ > > Thanks, > Gua > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Guo, Gua > Sent: Thursday, January 11, 2024 1:15 PM > To: devel@edk2.groups.io > Cc: Guo, Gua <gua.guo@intel.com> > Subject: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() > > From: Gua Guo <gua.guo@intel.com> > > Fix Integer Overflow for CVE-2022-36765 > 1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in CreateHob() > > > Gerd Hoffmann (4): > UefiPayloadPkg/Hob: Integer Overflow in CreateHob() > StandaloneMmPkg/Hob: Integer Overflow in CreateHob() > EmbeddedPkg/Hob: Integer Overflow in CreateHob() > MdeModulePkg/Hob: Integer Overflow in CreateHob() > > EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++++++ > MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +- > .../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++++++ > UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++++++ > 4 files changed, 19 insertions(+), 1 deletion(-) > > -- > 2.39.2.windows.1 > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113594): https://edk2.groups.io/g/devel/message/113594 Mute This Topic: https://groups.io/mt/103657270/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply [flat|nested] 3+ messages in thread
* [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() @ 2024-01-11 5:15 Guo, Gua 0 siblings, 0 replies; 3+ messages in thread From: Guo, Gua @ 2024-01-11 5:15 UTC (permalink / raw) To: devel; +Cc: gua.guo From: Gua Guo <gua.guo@intel.com> Fix Integer Overflow for CVE-2022-36765 1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in CreateHob() Gerd Hoffmann (4): UefiPayloadPkg/Hob: Integer Overflow in CreateHob() StandaloneMmPkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Hob: Integer Overflow in CreateHob() MdeModulePkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++++++ MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +- .../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++++++ UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++++++ 4 files changed, 19 insertions(+), 1 deletion(-) -- 2.39.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113576): https://edk2.groups.io/g/devel/message/113576 Mute This Topic: https://groups.io/mt/103657270/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=- ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-01-11 8:43 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <17A9331C4FE606BC.28944@groups.io>
2024-01-11 8:35 ` [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() Guo, Gua
2024-01-11 8:43 ` Ard Biesheuvel
2024-01-11 5:15 Guo, Gua
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox