From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id EC74AD80419 for ; Thu, 7 Sep 2023 22:02:19 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=ORys0wmlE8aX2FD9UwEMmPmUG5i9dwgzj1WTlNAU/Us=; c=relaxed/simple; d=groups.io; h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1694124138; v=1; b=JwOaY0WaqbiUbmJ12Ys/qj0WwcCW/bfISfBGIk8d9PorIkjW2wz5ZFaQD4pt48iBCECcqgwL s/HNaK6gbuG8CGzDxhuqDqtzD4C4qKg+5TxWVsYeIY6gx1mGZsPU1vqLKE6RgFfkpqHVTJAlzt2 O5NYkHLTDFRsTWpsLxxP62+Y= X-Received: by 127.0.0.2 with SMTP id s54AYY7687511xts4wZ7FAtN; Thu, 07 Sep 2023 15:02:18 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.151]) by mx.groups.io with SMTP id smtpd.web10.26349.1694124137909296809 for ; Thu, 07 Sep 2023 15:02:18 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10826"; a="357801292" X-IronPort-AV: E=Sophos;i="6.02,236,1688454000"; d="scan'208";a="357801292" X-Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Sep 2023 15:01:59 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10826"; a="777247344" X-IronPort-AV: E=Sophos;i="6.02,236,1688454000"; d="scan'208";a="777247344" X-Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by orsmga001.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 07 Sep 2023 15:01:57 -0700 X-Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32; Thu, 7 Sep 2023 15:01:56 -0700 X-Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32 via Frontend Transport; Thu, 7 Sep 2023 15:01:56 -0700 X-Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.169) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.27; Thu, 7 Sep 2023 15:01:55 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Fmq9ylkSvyo2McnwtHtzbI5iS1oXFZy6T33H94lUrY+nlRuixwg8g4nLXP+nM8ZFzhEZ/WE5pNZKphdmuco2fbzPluIKw9cP4FY2qFhFP/n+YTgq93otXQX8NFMwOHakr4i1CpvrmVCCjnX6dnBSR9RoEIj/RULBO0pL13DjxbnKiun7giS3Bw/BrHioyvmah4Mz2USr4wC/B6fhrYQXZ91+YDU1qGwqxJAPWlVIbNWDy7NR4BK6PgEb2jCxFyOGcbOWupR2fNRZBkslP7L2+foDpTbJyhdcgwR9N3m+JVdNM7DrYyEWkmJmoxtxk/7Y3kbBBJZdT1aVFGOkQTMM8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JzdLhGKzYJ+RfD8CeU0NcBb7r3mN5km55qCJcYwKyvc=; b=mi3aWGUym6PJVHY8WOpYcpxVjh4M6MUXgIPRJM95ZC+/gchayZWHNpP+/yvKRWiyNt1E2xIyF32KFiq9TZJoJRGwVxUBzA5gwHb0z68LZnTMfl9Yx3un0wt+S7EGK2xTqXUV1iBNpZ94LDLv/Fc0SYJ/1vJnPDeEVrGJrmd/nQ/f3DV9ZL2w6zUwpc4xuxEW/9jd/TaO25nCFU9RN58U1mxlU63nm96sOuykmdlJV1rUKaBDWWhcdsr0uoJUa9wYjs0b1ycsf4SWFB4sYWIPKfqgIVlfCYa+0J/rzAZw0q23Ddhg313WhlhJI5GKyEMH8NssJntQKJRdIw0xcLlRUg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none X-Received: from CO1PR11MB4929.namprd11.prod.outlook.com (2603:10b6:303:6d::19) by SJ2PR11MB8588.namprd11.prod.outlook.com (2603:10b6:a03:56c::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6768.30; Thu, 7 Sep 2023 22:01:54 +0000 X-Received: from CO1PR11MB4929.namprd11.prod.outlook.com ([fe80::eaa6:1c0:c33f:2a11]) by CO1PR11MB4929.namprd11.prod.outlook.com ([fe80::eaa6:1c0:c33f:2a11%2]) with mapi id 15.20.6745.034; Thu, 7 Sep 2023 22:01:54 +0000 From: "Michael D Kinney" To: "mikuback@linux.microsoft.com" , "devel@edk2.groups.io" CC: "Gao, Zhichao" , "Kinney, Michael D" Subject: Re: [edk2-devel] [PATCH v1 1/1] ShellPkg/UefiShellNetwork2CommandsLib: Check array index before access Thread-Topic: [PATCH v1 1/1] ShellPkg/UefiShellNetwork2CommandsLib: Check array index before access Thread-Index: AQHZ4OlSvNPoDwy5aECiPL0h040VabAP6/FQ Date: Thu, 7 Sep 2023 22:01:54 +0000 Message-ID: References: <20230906174033.1878-1-mikuback@linux.microsoft.com> In-Reply-To: <20230906174033.1878-1-mikuback@linux.microsoft.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: CO1PR11MB4929:EE_|SJ2PR11MB8588:EE_ x-ms-office365-filtering-correlation-id: 16398a7c-dbd1-4ad3-bbca-08dbafee0c25 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: 9dlTNccddRnJFZ+vHrhb8sUIXTIIrh0R0qwyNroNy6MXgLRJAbEhTmZG2uSlzkFiPtHI0GVJuk2kixmHsw9WoEVnUrJS+8+0gezzTulfRSed4T7bbBTUxUpGqAFaBdAGEQVGVv9DkK+JnoxzQjaB1YkQInGRqD8kN5YZz0cOa9s8cLNPtvKSjLS7k8TBIRNld8sQ55y5WBBGPMmR70ZVvqtxkkFGouvxS5dCh+rIgCNUJQuyCBPBN8iXQrncIwoSVJVVMrX2ct+H7CMP6f4Nt7U1p4AEBoEG5ry6elJDxHLzybZrZc5sEHnAp9DmL7/2pfpgkBYQjAUX0LcIpzyzfPrj7CcQlqQKfeaK9yjw0jU84Wi0wMF+pa1dUu1oZbQ2zpYvBwZyBaTUB8b3Eyry2omCdC6Sm/2OjHZ7SJqlobizZy61kQYAqko9EUNh9LrSD0lsR2wibKfoN1/FwpT2q/D7AkvWT3y29osv+QVSBP9G0iidv5NvHmFdkElPmyk9gpXh6oGxx7cKzmoR+UutkGqj5Ae2JVzKMI7D95Us1O6d4bUMOr4YRdpLf6NnnK7p8XaE8NLAOe29E6U/1gGqJqtDh4E4c/AIgXepbrB/JWgL6b3wzMrdSPiVDoXfOyWv x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?6W2UWk3EaUWhsouGodvcHRDx0COWeay2Uodch/k79DUzM8aw+6pEFr9Jh/AL?= =?us-ascii?Q?U2M+Z98kqHTAykoR/onlkiw6bkK49Qn3f3/3CqLpKHAMx/K0biK5Q0uVp5fF?= =?us-ascii?Q?YUt32eo6yBnbjkZzlDKqx+98GoCVkGFmZ8/dszZsPP5LJ8mDBl0zdtFjcZjE?= =?us-ascii?Q?clZRohYCzhP+zQTVJ4DVR34vMo1nZYH3hzXcEB5XD0ghppmB+ifnhx6nfRq6?= =?us-ascii?Q?5FPnLp7/q3Jg1S/8s4TO8cPqHBMU9HmJHok4T1DStBSnJ9iHgWbzb30sxG0B?= =?us-ascii?Q?0OJzGHpUD8p6Dn4JGyt+Gw1wwvadEpEh4sxEFM5eZdE5vfXhgxzEnJLg4OMd?= =?us-ascii?Q?j1sdeuLLetH6TxjqN58Iv5zwpgd0WapiGs89C1tX/vUDafgxLRU9pFn9Tyno?= =?us-ascii?Q?bNNEbRjNHtCXbKyD1KN5w0lWlJR7J3FGhrMDmgMWcYAeuvgbxl7/4zvWogxZ?= =?us-ascii?Q?8+Gl6H76W94cDFkzKs8wOtqM216ZRdefFgOQnYYbqf4zemqLzPHgclqmwg1g?= =?us-ascii?Q?dVJ/zoq9gdFz1/9h9VBjYSqGzNyq8n/uVc4RTa3BcC92JzLt4pK4vz5HDGTV?= =?us-ascii?Q?ED3tnzm30Bu5zEA5i4wvojYpXSSGb5YCuLHl6Om1sCgLpwZyEEs79y2mZxlJ?= =?us-ascii?Q?f8H7q3/5J+qdvKIaG3vI5MdWeXY7s127VO3QuWvaSPKb6IEIRCiT3seywpqR?= =?us-ascii?Q?jPCtHLbFHAp+qa/BpGpqJSyh+3/25kT2xGJwKN6a7cKghQqPfCP7V7VQ3pwO?= =?us-ascii?Q?9ytT3+yD5IdJD8b8yG1RHZe2joRng1uf7ETwcnZhK6QKJdEHwgSmhSFAx5M+?= =?us-ascii?Q?ZDcLaYyCic/e96rr+qpX81gMu/+etAxeAiZ33ow5/2Flu8OZ1rSIZeD0SxtF?= =?us-ascii?Q?F2FdOgzdSmZbsLghOkC672JLAM9SWGKwMC69Xb3Uz67Gopt+li2fkpr1JXew?= =?us-ascii?Q?4W0304LzmploOu4KHwxb0HUoL9xntSCT22PtQMzU+7KpBvL1KeOH/ZmzWiAN?= =?us-ascii?Q?W+gpnf9qh9yf4mz3nfypGvhxIpVAcHXL8wEXJNJ5EjoWesBXS7SRt2P3AIS5?= =?us-ascii?Q?8cAyG/bygIF3DrbcXJjBDPv3ejYyHuA0sqWJ3w2JM0tXtWXQGMcjtPDFYMW3?= =?us-ascii?Q?obYkEvSbqAwoS7inGQWvQSYvIR2COtFFFAY+E7rnMOpGx4wuIuvwAdGOxoXG?= =?us-ascii?Q?nbb4bM5aIev76+8boVSvKgMUuGU4LODUg/sUvvmY9VpqyjEIwwHkKks5XTcG?= =?us-ascii?Q?NJKiwKqC06UZxsxJ+UEa+ax98qdvi7FbLgbgMOXwAy/xpDwVEq/VTZWYa3+r?= =?us-ascii?Q?4f+T2+6x5flAJH5HE5aJt2eNt1RhzIUvBd5bFZdeZtFJmmmiDM4IY0kGXUf3?= =?us-ascii?Q?OGdBCYVFn9HUfAJWPZOkQjdsTTuAnlObXSl5I38rQtAAVkxgbtTvJGe1zdzX?= =?us-ascii?Q?zJi9XhyphnHyD+Pz7cBZNn1WUheiC3A24j3/WOKr1P2Ps70NtoJ/XWwOLp3L?= =?us-ascii?Q?1R7dyGEtUf62SfHmDAb67KahGb2ZnQy3V7WLYaB0YMCOmA5iASz1hpcw095h?= =?us-ascii?Q?WXGBixv25u/hzxtyhxiErrgkJ3witYvjyOLEv09K3oab6c5InE6fZAavxko3?= =?us-ascii?Q?gQ=3D=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB4929.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 16398a7c-dbd1-4ad3-bbca-08dbafee0c25 X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Sep 2023 22:01:54.3524 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: o3qGeQODJJBFl1TLJx1khmEE0SivlK9oBzyi7lUF3Xf6sFb5yi3gUx7/7aG5wJM7SZqG/3iVzLRUrKX76JpcW9bhwL/MpMFzzKDg1VboO8w= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR11MB8588 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: RTpxAcLMtXgyelxEUy19Jsgax7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=JwOaY0Wa; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}") Reviewed-by: Michael D Kinney > -----Original Message----- > From: mikuback@linux.microsoft.com > Sent: Wednesday, September 6, 2023 10:41 AM > To: devel@edk2.groups.io > Cc: Gao, Zhichao ; Kinney, Michael D > > Subject: [PATCH v1 1/1] ShellPkg/UefiShellNetwork2CommandsLib: Check > array index before access >=20 > From: Michael Kubacki >=20 > Moves the range check for the index into the array before attempting > any accesses using the array index. >=20 > Cc: Zhichao Gao > Cc: Michael D Kinney > Signed-off-by: Michael Kubacki > --- > ShellPkg/Library/UefiShellNetwork2CommandsLib/Ifconfig6.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) >=20 > diff --git a/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ifconfig6.c > b/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ifconfig6.c > index 7c80bba46581..5cb92c485b47 100644 > --- a/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ifconfig6.c > +++ b/ShellPkg/Library/UefiShellNetwork2CommandsLib/Ifconfig6.c > @@ -382,7 +382,7 @@ IfConfig6PrintIpAddr ( >=20 > ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN > (STR_IFCONFIG6_INFO_COLON), gShellNetwork2HiiHandle); >=20 > - while ((Ip->Addr[Index] =3D=3D 0) && (Ip->Addr[Index + 1] =3D=3D 0= ) && > (Index < PREFIXMAXLEN)) { > + while ((Index < PREFIXMAXLEN) && (Ip->Addr[Index] =3D=3D 0) && (Ip= - > >Addr[Index + 1] =3D=3D 0)) { > Index =3D Index + 2; > if (Index > PREFIXMAXLEN - 2) { > break; > -- > 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108424): https://edk2.groups.io/g/devel/message/108424 Mute This Topic: https://groups.io/mt/101198333/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/19134562= 12/xyzzy [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-