From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 by mx.groups.io with SMTP id smtpd.web12.13920.1599019328112930472
 for <devel@edk2.groups.io>;
 Tue, 01 Sep 2020 21:02:08 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=EC8gwAs+;
 spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: jiewen.yao@intel.com)
IronPort-SDR: u0vgIYWI4FY7juuyYzDT3bg2hEOieaF5jnECBWg7B3/97KbIY+ZWXkt0K3oqBHyEvLdAsiDwnF
 0CPCL7JVFYrg==
X-IronPort-AV: E=McAfee;i="6000,8403,9731"; a="156577071"
X-IronPort-AV: E=Sophos;i="5.76,381,1592895600"; 
   d="scan'208";a="156577071"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Sep 2020 21:02:06 -0700
IronPort-SDR: DOeDPMWtTV46I9Sz8yTn9bg1UmQBWZcVlujnJ2kYC2Vn9iSxCsNe+wWnxx3cbuy7Ui4j9e9sZe
 moXPeOV70CSA==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.76,381,1592895600"; 
   d="scan'208";a="501988069"
Received: from orsmsx605.amr.corp.intel.com ([10.22.229.18])
  by fmsmga006.fm.intel.com with ESMTP; 01 Sep 2020 21:02:06 -0700
Received: from orsmsx605.amr.corp.intel.com (10.22.229.18) by
 ORSMSX605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.1713.5; Tue, 1 Sep 2020 21:02:05 -0700
Received: from orsmsx105.amr.corp.intel.com (10.22.225.132) by
 orsmsx605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1713.5
 via Frontend Transport; Tue, 1 Sep 2020 21:02:05 -0700
Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by
 ORSMSX105.amr.corp.intel.com (10.22.225.132) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Tue, 1 Sep 2020 21:02:05 -0700
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.174)
 by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.1713.5; Tue, 1 Sep 2020 21:02:05 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=ivMsl16UY4SPhzsFQ8jzC9MwVXGpzb/2uNDPhcgkcQO8daeNI1lojWeUKpd362B5nPuzLY9aQhvglP8n0nTkJ1rFbzibae6nqnb4b+qRvNOP7PQK2wiPFw1Ucdf2mKY8CdH7/yTHEaPG8W6gs7HqvS3Nf6Voak/Ht5sn8fFTuhzmeaAmgHlnND5Vp7c9ckPbS37B8dTUJVyQro3yzlCItc7Af7Y7D5+A7Sfus89HaGWnywnqWgCX8JIavcbOJBsj6euOSkGzgH/IEkO6JvDsO9X1xqYQdq3/t0FVYT7V7yRodaXaD1AOxZXwxbnh+ubKxpEhYwnnnewi5nX3FAnazA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=soXFkldSyLSNnkkSTyftWDsb5rk7pks5VLitcJbnhCU=;
 b=DC2/ELyJ0wkn+RBMc4IF1h0/gxkrmH1UyWtLO/lX2he1n9f5prNaUqw8A91dXcFU9pWTpRt+LUiEBMityEDsB15VlsFH2Qx8whWAitEhU/UTw6JgY55ghTAp10WI17ojUWgWoOJcviPbwIXj6ahSA3WD7fBU+dYdls9XdhO3c9j+66PbGw7B4/ZfjRZCwNLC8hqVADM9fC2CzohCMyfeWpHFX+Uwf6W6OiWxy4X+xk7g4AgojjjGA7ZxLV+JnWymr3OV8MQNLViBXHd9Rd3HgT4TTJOOz9fE4OmcCGuZN2//J0yeV2fqS6OUInbjgsWpIo7IR3tBz5FYhT3ULJTHmQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=soXFkldSyLSNnkkSTyftWDsb5rk7pks5VLitcJbnhCU=;
 b=EC8gwAs+uR1bR8hhhRqqlT3fAh3lE1xua7227Ne7605vkDx7UFJ8Vx9cPjzk8ynGJK4VN0BofVc063Ek7lLvvnb9/1Dx6dL8FlKLEbaAncR4FmsZAe4ioyCbg5qEYt/OFAa3zekGaKJplgFnkXN/xdHqv3pv03RNcuUhrMHwP6g=
Received: from CY4PR11MB1288.namprd11.prod.outlook.com (2603:10b6:903:23::8)
 by CY4PR11MB1368.namprd11.prod.outlook.com (2603:10b6:903:2e::22) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3326.19; Wed, 2 Sep
 2020 04:02:03 +0000
Received: from CY4PR11MB1288.namprd11.prod.outlook.com
 ([fe80::163:9209:a92d:812]) by CY4PR11MB1288.namprd11.prod.outlook.com
 ([fe80::163:9209:a92d:812%6]) with mapi id 15.20.3326.025; Wed, 2 Sep 2020
 04:02:03 +0000
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "lersek@redhat.com"
	<lersek@redhat.com>
CC: "Wang, Jian J" <jian.j.wang@intel.com>, "Xu, Min M" <min.m.xu@intel.com>,
	Wenyi Xie <xiewenyi2@huawei.com>
Subject: Re: [edk2-devel] [PATCH 0/3] SecurityPkg/DxeImageVerificationLib: catch alignment overflow (CVE-2019-14562)
Thread-Topic: [edk2-devel] [PATCH 0/3] SecurityPkg/DxeImageVerificationLib:
 catch alignment overflow (CVE-2019-14562)
Thread-Index: AQHWgEASLJ2VHu1+nkqrpW5FgQEmWqlUuvzg
Date: Wed, 2 Sep 2020 04:02:03 +0000
Message-ID: <CY4PR11MB1288E4F95345EDC297C9A7FC8C2F0@CY4PR11MB1288.namprd11.prod.outlook.com>
References: <20200901091221.20948-1-lersek@redhat.com>
In-Reply-To: <20200901091221.20948-1-lersek@redhat.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-version: 11.5.1.3
dlp-product: dlpe-windows
dlp-reaction: no-action
authentication-results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=intel.com;
x-originating-ip: [101.87.137.65]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a7e8c331-9556-493a-fe40-08d84ef4f39c
x-ms-traffictypediagnostic: CY4PR11MB1368:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <CY4PR11MB13689DD7869342607A093AA18C2F0@CY4PR11MB1368.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3173;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 8NhsICs/nbbthXYnvoG2AfEP6DKSU7+kdTMQwXbGfXVKAxhhxAErMfYMx408HUM048mvGLQk/sxV8ZhXFyn5k+sgtxRP7eAhKzZDRdXtEinxu08Q1ID9u47rvOk5PxKtVGrkXjhTjsIdm/NbCI/gRbk49lWQIjEtJdwWaubO+vtCPH+KQ3Jqem1XFs/tYf7iqU7mAHXraV9vTFAT2jD0haknGh5sfJJfS08HdCOLIcnfLHkxquTVD2uhZdjouOddUFxpm6RTm0dsKvsPeG7eGtUjvu6ZnsrXOeQCN6Bu7s6ibOzmoiLZpbsqomobraxi94PUfKjD+5Twgrwh07+nNtSjBFzuwRp5QyTBWqIAAahMyRHhlRde5YAWqOIH6aqUerR12bk6kfKOelK+XNghVA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR11MB1288.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(39860400002)(376002)(396003)(346002)(366004)(8676002)(7696005)(66476007)(15650500001)(86362001)(66446008)(33656002)(76116006)(6506007)(966005)(186003)(66946007)(83380400001)(53546011)(4326008)(8936002)(64756008)(66556008)(26005)(5660300002)(110136005)(2906002)(478600001)(52536014)(71200400001)(54906003)(55016002)(9686003)(316002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata: 7eB9ToZMX5Ec/NfoVo/TFTt54MySo2d9A8oDhkNmsGg84wuZdrhoQACwj/UD2HOw61T620RqX9AxbwfqPe0tol2/vQNmXp3n6r2yLdtC8XxSBgtYP70hPl+PryVQUlVlTc7PRtSmLkpHdpWJyqjMnUZfD5mkYHUxMRlyxzctlhTaJWbaDR7w2sChA2V9qPXTbRMsiTo3tC9rf8CZxCy3UyujKzOVrqeAwgsIgJCWyclpHouBjYTPrVQW5PmVi+b4ZS4L7oBw+pkk8VnEXNjzh/L79qKoq/J0nO5pfUKmg0nmh2wIttFFjMjgsz9cCh9v7gADa1GbH9FVN0P4fh78B3Ydru11qmv0Xb+jM5cTvob7tmJ0yAMjT2YVZEOyuQniJbzmp2f6rrIlhXDf7FtIQPdJmvFQI9LQ+dRAkcnH15c237Iob6az2U/EIlyL5vChnFcPS4tjH64Wemo2wHUhWlGx/67Y2SreW/KoX7M69pmxS1E/u7LfkEgSFNKE0MwkTFTQpLnLVz8BLEKHlT0RIiBXEyonCG+dqFCsud+Xr0gpYrxCty69nfEFwq6rO/IqP1LzbsPDr6bxQW5+G9q6Qu9ks6Uoy/Aa+X+1s6BaFL4Jx/ia/rYTLPc0mgymf2+MSnnBkN/49gGPJ+YFO+BAqg==
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CY4PR11MB1288.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a7e8c331-9556-493a-fe40-08d84ef4f39c
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Sep 2020 04:02:03.8234
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: KWHvrO/j44upfkWs51Z2N0g7pvwXZSGxEkgu1RhPPQM9Knt7pnmB950wJwi89nuAYAiFhgSWmHfcfnoy6AYa6A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB1368
Return-Path: jiewen.yao@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

The series (1~3) is reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

Thank you
Yao Jiewen

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Laszlo Er=
sek
> Sent: Tuesday, September 1, 2020 5:12 PM
> To: edk2-devel-groups-io <devel@edk2.groups.io>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Yao, Jiewen <jiewen.yao@intel.=
com>;
> Xu, Min M <min.m.xu@intel.com>; Wenyi Xie <xiewenyi2@huawei.com>
> Subject: [edk2-devel] [PATCH 0/3] SecurityPkg/DxeImageVerificationLib: c=
atch
> alignment overflow (CVE-2019-14562)
>=20
> Ref:    https://bugzilla.tianocore.org/show_bug.cgi?id=3D2215
> Repo:   https://pagure.io/lersek/edk2.git
> Branch: tianocore_2215
>=20
> I'm neutral on whether this becomes part of edk2-stable202008.
>=20
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Wenyi Xie <xiewenyi2@huawei.com>
>=20
> Thanks,
> Laszlo
>=20
> Laszlo Ersek (3):
>   SecurityPkg/DxeImageVerificationLib: extract SecDataDirEnd,
>     SecDataDirLeft
>   SecurityPkg/DxeImageVerificationLib: assign WinCertificate after size
>     check
>   SecurityPkg/DxeImageVerificationLib: catch alignment overflow
>     (CVE-2019-14562)
>=20
>  SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c |=
 16
> ++++++++++++----
>  1 file changed, 12 insertions(+), 4 deletions(-)
>=20
> --
> 2.19.1.3.g30247aa5d201
>=20
>=20
>=20