From: "Sountharya N via groups.io"
To: "Li, Yi1", "devel@edk2.groups.io"
CC: Srinivasan Mani, Prarthana Sagar V, "Yao, Jiewen", "Hou, Wenxing"
Subject: Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.
Date: Wed, 10 Apr 2024 11:36:50 +0000
References: <20240319054335.707-1-sountharyan@ami.com>

Hi Yi,

I removed 'Reviewed-by: @yi1.li@intel.com' and sent V2 patch to devel@edk2.groups.io.

Thanks,
Sountharya

-----Original Message-----
From: Li, Yi1
Sent: Tuesday, April 2, 2024 6:42 AM
To: Sountharya N; devel@edk2.groups.io
Cc: Srinivasan Mani; Prarthana Sagar V; Yao, Jiewen; Hou, Wenxing
Subject: RE: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.

Hi,

Please remove 'Reviewed-by: @yi1.li@intel.com' and send V2 patch to devel@edk2.groups.io by send-email.

Generate V2 patch:
Add '--subject-prefix="PATCH V2" ' when you format patch:
git format-patch --subject-prefix="PATCH V2" ...

The content of patch looks good to me, will give you my Reviewed-by and push it after receiving your V2 patch.

Thanks,
Yi

-----Original Message-----
From: Sountharya N
Sent: Monday, April 1, 2024 7:23 PM
To: Li, Yi1; devel@edk2.groups.io
Cc: MANI, SRINIVASAN; Prarthana Sagar V; Yao, Jiewen; Hou, Wenxing
Subject: RE: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.

Hi Yi,

As you suggested, modified the changes and gave PR. Here I have attached the Link for reference.
https://github.com/tianocore/edk2/pull/5507

Thanks,
Sountharya

-----Original Message-----
From: Li, Yi1
Sent: Thursday, March 28, 2024 7:17 AM
To: devel@edk2.groups.io; Sountharya N
Cc: Srinivasan Mani; Prarthana Sagar V; Yao, Jiewen; Hou, Wenxing
Subject: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.

Hi,

Please follow the correct upstream process to avoid Github CI errors.
https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow

You are missing your Sign-off and Cc maintainers in this patch, and please add BZ link to commit message: ''REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509''.

For your code change, '''ASN1_get_object() return error''' or '''ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE ''' both need to be treated as errors and returned. So you should use logic or instead of and.

Before you send V2 patch, please create a PR in EDK2 github to test CI: https://github.com/tianocore/edk2/pulls

Regards,
Yi

-----Original Message-----
From: devel@edk2.groups.io On Behalf Of Sountharya N via groups.io
Sent: Tuesday, March 19, 2024 1:44 PM
To: devel@edk2.groups.io; Sountharya N
Cc: MANI, SRINIVASAN; Prarthana Sagar V
Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.

Added Inf variable, and the error case returned value was checked properly.

--- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr= ary/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c 
@@ -839,17 +839,17 @@ X509GetTBSCert ( Length =3D 0; Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert =3D (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCla= ss, (long)Length); + Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2

View/Reply Online (#117586): https://edk2.groups.io/g/devel/message/117586
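
Review bot: in both changed `if` lines of the X509GetTBSCert hunk the two checks are still joined with `&&`, so FALSE is returned only when ASN1_get_object() sets the 0x80 bit in Inf and Asn1Tag is also not V_ASN1_SEQUENCE. A call that succeeds with the wrong tag, or one that fails while Asn1Tag happens to equal V_ASN1_SEQUENCE, falls through, and after the first check *TBSCert is then assigned from Temp. Each condition is an error on its own, so join them with `||`: `if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE))`. The commit message also carries no Signed-off-by line and no bug reference.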