From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.115; helo=mga14.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 1DB5D211CF348 for ; Tue, 26 Feb 2019 22:55:15 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Feb 2019 22:55:15 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,418,1544515200"; d="scan'208";a="119424645" Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201]) by orsmga006.jf.intel.com with ESMTP; 26 Feb 2019 22:55:14 -0800 Received: from fmsmsx111.amr.corp.intel.com (10.18.116.5) by FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 26 Feb 2019 22:55:13 -0800 Received: from shsmsx108.ccr.corp.intel.com (10.239.4.97) by fmsmsx111.amr.corp.intel.com (10.18.116.5) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 26 Feb 2019 22:55:13 -0800 Received: from shsmsx107.ccr.corp.intel.com ([169.254.9.162]) by SHSMSX108.ccr.corp.intel.com ([169.254.8.36]) with mapi id 14.03.0415.000; Wed, 27 Feb 2019 14:55:11 +0800 From: "Wang, Jian J" To: "Wang, Jian J" , "edk2-devel@lists.01.org" CC: "Yao, Jiewen" , "Gao, Liming" , "Zeng, Star" Thread-Topic: [edk2] [PATCH 3/3] IntelFrameworkModulePkg/FwVolDxe: Ensure FfsFileHeader 8 bytes aligned [CVE-2018-3630] Thread-Index: AQHUze0MLE6SmWor1E+Uw3AgFYgIdaXzNrKg Date: Wed, 27 Feb 2019 06:55:11 +0000 Message-ID: References: <20190226160425.4816-1-jian.j.wang@intel.com> <20190226160425.4816-4-jian.j.wang@intel.com> In-Reply-To: <20190226160425.4816-4-jian.j.wang@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiYzQ5NzZlOTEtYzE0YS00M2JlLTk2OTktZTc4MjAwOTUwYjdmIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiQUduRmQzdnRiY0E4ZGdsMmpIeHFyNTFnUUlEZjJLeEF2TXZUK0E1WCtFU1k0eGY0REZJbFRaTVJveCtCbXZxMSJ9 x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.0.400.15 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH 3/3] IntelFrameworkModulePkg/FwVolDxe: Ensure FfsFileHeader 8 bytes aligned [CVE-2018-3630] X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Feb 2019 06:55:16 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jian J Wang > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ji= an J > Wang > Sent: Wednesday, February 27, 2019 12:04 AM > To: edk2-devel@lists.01.org > Cc: Yao, Jiewen ; Gao, Liming ; > Zeng, Star > Subject: [edk2] [PATCH 3/3] IntelFrameworkModulePkg/FwVolDxe: Ensure > FfsFileHeader 8 bytes aligned [CVE-2018-3630] >=20 > From: Star Zeng >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D864 >=20 > To follow PI spec, ensure FfsFileHeader 8 bytes aligned. >=20 > Current code only handles (FwVolHeader->ExtHeaderOffset !=3D 0) path, > update code to also handle (FwVolHeader->ExtHeaderOffset =3D=3D 0) path. >=20 > Cc: Jiewen Yao > Cc: Liming Gao > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Star Zeng > --- > .../Universal/FirmwareVolume/FwVolDxe/FwVol.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) >=20 > diff --git > a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c > b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c > index 9a031bab14..9a892240b4 100644 > --- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c > +++ > b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c > @@ -4,7 +4,7 @@ > Layers on top of Firmware Block protocol to produce a file abstraction > of FV based files. >=20 > - Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
> + Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
>=20 > This program and the accompanying materials > are licensed and made available under the terms and conditions > @@ -510,10 +510,10 @@ FvCheck ( > // > FwVolExtHeader =3D (EFI_FIRMWARE_VOLUME_EXT_HEADER *) (UINTN) > (FvDevice->CachedFv + FvDevice->FwVolHeader->ExtHeaderOffset); > Ptr =3D (UINT8 *) FwVolExtHeader + FwVolExtHeader->ExtHeaderSize; > - Ptr =3D (UINT8 *) ALIGN_POINTER (Ptr, 8); > } else { > Ptr =3D (UINT8 *) (UINTN) (FvDevice->CachedFv + FvDevice->FwVolHeade= r- > >HeaderLength); > } > + Ptr =3D (UINT8 *) ALIGN_POINTER (Ptr, 8); > TopFvAddress =3D (UINT8 *) (UINTN) (FvDevice->CachedFv + FvDevice- > >FwVolHeader->FvLength); >=20 > // > -- > 2.17.1.windows.2 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel