From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jian.j.wang@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.136; helo=mga12.intel.com;
 envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga12.intel.com (mga12.intel.com [192.55.52.136])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 9604921959CB2
 for <edk2-devel@lists.01.org>; Tue, 26 Feb 2019 22:56:52 -0800 (PST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga002.fm.intel.com ([10.253.24.26])
 by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 26 Feb 2019 22:56:51 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.58,418,1544515200"; d="scan'208";a="146906737"
Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206])
 by fmsmga002.fm.intel.com with ESMTP; 26 Feb 2019 22:56:52 -0800
Received: from shsmsx105.ccr.corp.intel.com (10.239.4.158) by
 FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS)
 id 14.3.408.0; Tue, 26 Feb 2019 22:56:51 -0800
Received: from shsmsx107.ccr.corp.intel.com ([169.254.9.162]) by
 SHSMSX105.ccr.corp.intel.com ([169.254.11.253]) with mapi id 14.03.0415.000;
 Wed, 27 Feb 2019 14:56:49 +0800
From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "Wang, Jian J" <jian.j.wang@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: "Wu, Hao A" <hao.a.wu@intel.com>, "Yao, Jiewen" <jiewen.yao@intel.com>,
 "Gao, Liming" <liming.gao@intel.com>, "Zeng, Star" <star.zeng@intel.com>
Thread-Topic: [edk2] [PATCH 1/3] MdeModulePkg/PeiCore: Ensure FfsFileHeader
 8 bytes aligned [CVE-2018-3630]
Thread-Index: AQHUze0Fx1AQK3HjZk2ZxEaQq7eIMKXzNw5w
Date: Wed, 27 Feb 2019 06:56:49 +0000
Message-ID: <D827630B58408649ACB04F44C5100036258B9B11@SHSMSX107.ccr.corp.intel.com>
References: <20190226160425.4816-1-jian.j.wang@intel.com>
 <20190226160425.4816-2-jian.j.wang@intel.com>
In-Reply-To: <20190226160425.4816-2-jian.j.wang@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiNjUwZjc1ZDctNTFkYS00YjM3LTgyNmUtZmFmNTRlMGY1MWM4IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiNTF5NGtZOWtqXC9idmNjUmNPV0Y1K2ZsbTF6cTdBR3JhS2p5SWZ2VEVSQVwvVGlUc3NIbU1iSnBKRFJ2MDQzMzBzIn0=
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.0.400.15
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH 1/3] MdeModulePkg/PeiCore: Ensure FfsFileHeader 8 bytes aligned [CVE-2018-3630]
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Feb 2019 06:56:52 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable



Reviewed-by: Jian J Wang <jian.j.wang@intel.com>


> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ji=
an J
> Wang
> Sent: Wednesday, February 27, 2019 12:04 AM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A <hao.a.wu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>
> Subject: [edk2] [PATCH 1/3] MdeModulePkg/PeiCore: Ensure FfsFileHeader 8
> bytes aligned [CVE-2018-3630]
>=20
> From: Star Zeng <star.zeng@intel.com>
>=20
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D864
>=20
> To follow PI spec, ensure FfsFileHeader 8 bytes aligned.
>=20
> Current code only handles (FwVolHeader->ExtHeaderOffset !=3D 0) path,
> update code to also handle (FwVolHeader->ExtHeaderOffset =3D=3D 0) path.
>=20
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao Wu <hao.a.wu@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Star Zeng <star.zeng@intel.com>
> ---
>  MdeModulePkg/Core/Pei/FwVol/FwVol.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>=20
> diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c
> b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
> index 0a67b96bf1..56440eacf0 100644
> --- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c
> +++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
> @@ -2,7 +2,7 @@
>    Pei Core Firmware File System service routines.
>=20
>  Copyright (c) 2015 HP Development Company, L.P.
> -Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BS=
D
> License
>  which accompanies this distribution.  The full text of the license may b=
e found
> at
> @@ -316,10 +316,10 @@ FindFileEx (
>        //
>        FwVolExtHeader =3D (EFI_FIRMWARE_VOLUME_EXT_HEADER *) ((UINT8 *)
> FwVolHeader + FwVolHeader->ExtHeaderOffset);
>        FfsFileHeader =3D (EFI_FFS_FILE_HEADER *) ((UINT8 *) FwVolExtHeade=
r +
> FwVolExtHeader->ExtHeaderSize);
> -      FfsFileHeader =3D (EFI_FFS_FILE_HEADER *) ALIGN_POINTER (FfsFileHe=
ader, 8);
>      } else {
>        FfsFileHeader =3D (EFI_FFS_FILE_HEADER *)((UINT8 *) FwVolHeader +
> FwVolHeader->HeaderLength);
>      }
> +    FfsFileHeader =3D (EFI_FFS_FILE_HEADER *) ALIGN_POINTER (FfsFileHead=
er, 8);
>    } else {
>      if (IS_FFS_FILE2 (*FileHeader)) {
>        if (!IsFfs3Fv) {
> --
> 2.17.1.windows.2
>=20
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel