From: "Sountharya N via groups.io"
To: "Li, Yi1", "devel@edk2.groups.io"
CC: Srinivasan Mani, Prarthana Sagar V, "Yao, Jiewen", "Hou, Wenxing"
Subject: Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.
Date: Mon, 1 Apr 2024 11:23:27 +0000
References: <20240319054335.707-1-sountharyan@ami.com>

Hi Yi,

As you suggested, modified the changes and gave PR. Here I have attached the Link for reference.
https://github.com/tianocore/edk2/pull/5507

Thanks,
Sountharya

-----Original Message-----
From: Li, Yi1
Sent: Thursday, March 28, 2024 7:17 AM
To: devel@edk2.groups.io; Sountharya N
Cc: Srinivasan Mani; Prarthana Sagar V; Yao, Jiewen; Hou, Wenxing
Subject: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.

Hi,

Please follow the correct upstream process to avoid Github CI errors.
https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow

You are missing your Sign-off and Cc maintainers in this patch, and please add BZ link to commit message: ''REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509''.

For your code change, '''ASN1_get_object() return error''' or '''ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE''' both need to be treated as errors and returned.
So you should use logic or instead of and.

Before you send V2 patch, please create a PR in EDK2 github to test CI: https://github.com/tianocore/edk2/pulls

Regards,
Yi

-----Original Message-----
From: devel@edk2.groups.io On Behalf Of Sountharya N via groups.io
Sent: Tuesday, March 19, 2024 1:44 PM
To: devel@edk2.groups.io; Sountharya N
Cc: MANI, SRINIVASAN; Prarthana Sagar V
Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.

Added Inf variable, and the error case returned value was checked properly.
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr= ary/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
@@ -839,17 +839,17 @@ X509GetTBSCert ( Length =3D 0; Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert =3D (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCla= ss, (long)Length); + Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2

The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission.
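
Review bot: both rewritten `if` conditions in X509GetTBSCert still join the two tests with `&&`, so each one returns FALSE only when ASN1_get_object() sets the 0x80 error bit and the tag is also not V_ASN1_SEQUENCE. A parse that fails while Asn1Tag equals V_ASN1_SEQUENCE is accepted, and a parse that succeeds with a different tag, which the old `== 0x00` form did reject, is now accepted as well. Either condition alone should fail the function: `if (((Inf & 0x80) != 0) || (Asn1Tag != V_ASN1_SEQUENCE))`. Storing the second call's return value in Inf is the right change for the second check, which previously tested the stale result of the first call. Note also that `*TBSCert = (UINT8 *)Temp;` runs before the second check, so the output pointer is already set on that FALSE path; consider assigning it only after both checks pass.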
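
The AND-versus-OR point from Yi's review, as an added example (not code from the patch or from EDK2). `der_get_object` is a hypothetical, simplified stand-in for ASN1_get_object() that models only the 0x80 error bit, and the byte strings are constructed samples; the three forms of the check are run over the same inputs.

```c
#include <stddef.h>
#include <stdio.h>

#define TAG_SEQUENCE 16 /* numeric value of OpenSSL's V_ASN1_SEQUENCE */

/* Hypothetical, simplified stand-in for ASN1_get_object(): reads one DER
 * header with a short-form length, stores the tag number, and sets the 0x80
 * error bit when the header is unusable or the length overruns the buffer. */
static int der_get_object(const unsigned char *p, size_t max, int *tag)
{
    int ret;
    *tag = -1;
    if (max < 2) return 0x80;
    *tag = p[0] & 0x1f;
    if (p[1] & 0x80) return 0x80;      /* long-form length: not modelled */
    ret = p[0] & 0x20;                 /* constructed bit of the identifier octet */
    if ((size_t)p[1] > max - 2) ret |= 0x80;
    return ret;
}

enum check_form { CHECK_ORIGINAL, CHECK_POSTED_PATCH, CHECK_OR };
/* Returns 1 when the given form of the X509GetTBSCert check would return FALSE. */
int rejects(enum check_form form, const unsigned char *buf, size_t n)
{
    int tag;
    int inf = der_get_object(buf, n, &tag);
    int parse_failed = (inf & 0x80) == 0x80;
    int wrong_tag = tag != TAG_SEQUENCE;
    switch (form) {
    case CHECK_ORIGINAL:     return !parse_failed && wrong_tag;
    case CHECK_POSTED_PATCH: return parse_failed && wrong_tag;
    default:                 return parse_failed || wrong_tag; /* review suggestion */
    }
}

/* Constructed sample inputs, not real certificate data. */
const unsigned char good_seq[]  = { 0x30, 0x03, 0x02, 0x01, 0x05 }; /* well-formed SEQUENCE */
const unsigned char trunc_seq[] = { 0x30, 0x7f, 0x02, 0x01 };       /* claims 127 bytes, has 2 */
const unsigned char plain_int[] = { 0x02, 0x01, 0x05 };             /* parses, but is an INTEGER */

int main(void)
{
    const unsigned char *in[] = { good_seq, trunc_seq, plain_int };
    const size_t len[] = { sizeof good_seq, sizeof trunc_seq, sizeof plain_int };
    for (int i = 0; i < 3; i++) /* one row per input: original, posted patch, OR form */
        printf("%d %d %d\n", rejects(CHECK_ORIGINAL, in[i], len[i]),
               rejects(CHECK_POSTED_PATCH, in[i], len[i]), rejects(CHECK_OR, in[i], len[i]));
    return 0;
}
```

Only the OR form rejects both the truncated SEQUENCE and the INTEGER while still accepting the well-formed SEQUENCE.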