public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Wang, Jian J" <jian.j.wang@intel.com>
To: Laszlo Ersek <lersek@redhat.com>,
	edk2-devel-groups-io <devel@edk2.groups.io>
Cc: David Woodhouse <dwmw2@infradead.org>,
	"Wu, Jiaxin" <jiaxin.wu@intel.com>,
	Sivaraman Nainar <sivaramann@amiindia.co.in>,
	"Lu, XiaoyuX" <xiaoyux.lu@intel.com>
Subject: Re: [PATCH v2 5/8] CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553)
Date: Mon, 28 Oct 2019 06:16:18 +0000	[thread overview]
Message-ID: <D827630B58408649ACB04F44C5100036259A3FE1@SHSMSX107.ccr.corp.intel.com> (raw)
In-Reply-To: <20191026053719.10453-6-lersek@redhat.com>


Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

Regards,
Jian

> -----Original Message-----
> From: Laszlo Ersek <lersek@redhat.com>
> Sent: Saturday, October 26, 2019 1:37 PM
> To: edk2-devel-groups-io <devel@edk2.groups.io>
> Cc: David Woodhouse <dwmw2@infradead.org>; Wang, Jian J
> <jian.j.wang@intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Sivaraman Nainar
> <sivaramann@amiindia.co.in>; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Subject: [PATCH v2 5/8] CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553)
> 
> For TianoCore BZ#1734, StdLib has been moved from the edk2 project to the
> edk2-libc project, in commit 964f432b9b0a ("edk2: Remove AppPkg, StdLib,
> StdLibPrivateInternalFiles", 2019-04-29).
> 
> We'd like to use the inet_pton() function in CryptoPkg. Resurrect the
> "inet_pton.c" file from just before the StdLib removal, as follows:
> 
>   $ git show \
>       964f432b9b0a^:StdLib/BsdSocketLib/inet_pton.c \
>       > CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
> 
> The inet_pton() function is only intended for the DXE phase at this time,
> therefore only the "BaseCryptLib" instance INF file receives the new file.
> 
> Cc: David Woodhouse <dwmw2@infradead.org>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960
> CVE: CVE-2019-14553
> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
> ---
> 
> Notes:
>     v2:
>     - new patch
> 
>  CryptoPkg/Library/Include/CrtLibSupport.h          |   1 +
>  CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf    |   1 +
>  CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c | 257
> ++++++++++++++++++++
>  3 files changed, 259 insertions(+)
> 
> diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> b/CryptoPkg/Library/Include/CrtLibSupport.h
> index e603fad763f9..5a20ba636fff 100644
> --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> @@ -191,8 +191,9 @@ char           *secure_getenv (const char *);
>  void           abort       (void) __attribute__((__noreturn__));
>  #else
>  void           abort       (void);
>  #endif
> +int            inet_pton   (int, const char *, void *);
> 
>  //
>  // Macros that directly map functions to BaseLib, BaseMemoryLib, and
> DebugLib functions
>  //
> diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> index a98be2cd9590..dc9e6e5d45f9 100644
> --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> @@ -57,8 +57,9 @@ [Sources]
> 
>    SysCall/CrtWrapper.c
>    SysCall/TimerWrapper.c
>    SysCall/BaseMemAllocation.c
> +  SysCall/inet_pton.c
> 
>  [Sources.Ia32]
>    Rand/CryptRandTsc.c
> 
> diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
> b/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
> new file mode 100644
> index 000000000000..32e1ab8690e6
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
> @@ -0,0 +1,257 @@
> +/* Copyright (c) 1996 by Internet Software Consortium.
> + *
> + * Permission to use, copy, modify, and distribute this software for any
> + * purpose with or without fee is hereby granted, provided that the above
> + * copyright notice and this permission notice appear in all copies.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE
> CONSORTIUM DISCLAIMS
> + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
> IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET
> SOFTWARE
> + * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
> CONSEQUENTIAL
> + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
> DATA OR
> + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
> TORTIOUS
> + * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
> PERFORMANCE OF THIS
> + * SOFTWARE.
> + */
> +
> +/*
> + * Portions copyright (c) 1999, 2000
> + * Intel Corporation.
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + *
> + * 1. Redistributions of source code must retain the above copyright
> + *    notice, this list of conditions and the following disclaimer.
> + *
> + * 2. Redistributions in binary form must reproduce the above copyright
> + *    notice, this list of conditions and the following disclaimer in the
> + *    documentation and/or other materials provided with the distribution.
> + *
> + * 3. All advertising materials mentioning features or use of this software
> + *    must display the following acknowledgement:
> + *
> + *    This product includes software developed by Intel Corporation and
> + *    its contributors.
> + *
> + * 4. Neither the name of Intel Corporation or its contributors may be
> + *    used to endorse or promote products derived from this software
> + *    without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION AND CONTRIBUTORS
> ``AS IS''
> + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> LIMITED TO, THE
> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
> PARTICULAR PURPOSE
> + * ARE DISCLAIMED.  IN NO EVENT SHALL INTEL CORPORATION OR
> CONTRIBUTORS BE
> + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
> PROCUREMENT OF
> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
> BUSINESS
> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
> WHETHER IN
> + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
> OTHERWISE)
> + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
> ADVISED OF
> + * THE POSSIBILITY OF SUCH DAMAGE.
> + *
> + */
> +
> +#if defined(LIBC_SCCS) && !defined(lint)
> +static char rcsid[] = "$Id: inet_pton.c,v 1.1.1.1 2003/11/19 01:51:30 kyu3 Exp
> $";
> +#endif /* LIBC_SCCS and not lint */
> +
> +#include <sys/param.h>
> +#include <sys/types.h>
> +#include <sys/socket.h>
> +#include <netinet/in.h>
> +#include <arpa/inet.h>
> +#include <arpa/nameser.h>
> +#include <string.h>
> +#include <errno.h>
> +
> +/*
> + * WARNING: Don't even consider trying to compile this on a system where
> + * sizeof(int) < 4.  sizeof(int) > 4 is fine; all the world's not a VAX.
> + */
> +
> +static int	inet_pton4 (const char *src, u_char *dst);
> +static int	inet_pton6 (const char *src, u_char *dst);
> +
> +/* int
> + * inet_pton(af, src, dst)
> + *	convert from presentation format (which usually means ASCII printable)
> + *	to network format (which is usually some kind of binary format).
> + * return:
> + *	1 if the address was valid for the specified address family
> + *	0 if the address wasn't valid (`dst' is untouched in this case)
> + *	-1 if some other error occurred (`dst' is untouched in this case, too)
> + * author:
> + *	Paul Vixie, 1996.
> + */
> +int
> +inet_pton(
> +	int af,
> +	const char *src,
> +	void *dst
> +	)
> +{
> +	switch (af) {
> +	case AF_INET:
> +		return (inet_pton4(src, dst));
> +	case AF_INET6:
> +		return (inet_pton6(src, dst));
> +	default:
> +		errno = EAFNOSUPPORT;
> +		return (-1);
> +	}
> +	/* NOTREACHED */
> +}
> +
> +/* int
> + * inet_pton4(src, dst)
> + *	like inet_aton() but without all the hexadecimal and shorthand.
> + * return:
> + *	1 if `src' is a valid dotted quad, else 0.
> + * notice:
> + *	does not touch `dst' unless it's returning 1.
> + * author:
> + *	Paul Vixie, 1996.
> + */
> +static int
> +inet_pton4(
> +	const char *src,
> +	u_char *dst
> +	)
> +{
> +	static const char digits[] = "0123456789";
> +	int saw_digit, octets, ch;
> +	u_char tmp[NS_INADDRSZ], *tp;
> +
> +	saw_digit = 0;
> +	octets = 0;
> +	*(tp = tmp) = 0;
> +	while ((ch = *src++) != '\0') {
> +		const char *pch;
> +
> +		if ((pch = strchr(digits, ch)) != NULL) {
> +			u_int new = *tp * 10 + (u_int)(pch - digits);
> +
> +			if (new > 255)
> +				return (0);
> +			*tp = (u_char)new;
> +			if (! saw_digit) {
> +				if (++octets > 4)
> +					return (0);
> +				saw_digit = 1;
> +			}
> +		} else if (ch == '.' && saw_digit) {
> +			if (octets == 4)
> +				return (0);
> +			*++tp = 0;
> +			saw_digit = 0;
> +		} else
> +			return (0);
> +	}
> +	if (octets < 4)
> +		return (0);
> +
> +	memcpy(dst, tmp, NS_INADDRSZ);
> +	return (1);
> +}
> +
> +/* int
> + * inet_pton6(src, dst)
> + *	convert presentation level address to network order binary form.
> + * return:
> + *	1 if `src' is a valid [RFC1884 2.2] address, else 0.
> + * notice:
> + *	(1) does not touch `dst' unless it's returning 1.
> + *	(2) :: in a full address is silently ignored.
> + * credit:
> + *	inspired by Mark Andrews.
> + * author:
> + *	Paul Vixie, 1996.
> + */
> +static int
> +inet_pton6(
> +	const char *src,
> +	u_char *dst
> +	)
> +{
> +	static const char xdigits_l[] = "0123456789abcdef",
> +			  xdigits_u[] = "0123456789ABCDEF";
> +	u_char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp;
> +	const char *xdigits, *curtok;
> +	int ch, saw_xdigit;
> +	u_int val;
> +
> +	memset((tp = tmp), '\0', NS_IN6ADDRSZ);
> +	endp = tp + NS_IN6ADDRSZ;
> +	colonp = NULL;
> +	/* Leading :: requires some special handling. */
> +	if (*src == ':')
> +		if (*++src != ':')
> +			return (0);
> +	curtok = src;
> +	saw_xdigit = 0;
> +	val = 0;
> +	while ((ch = *src++) != '\0') {
> +		const char *pch;
> +
> +		if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL)
> +			pch = strchr((xdigits = xdigits_u), ch);
> +		if (pch != NULL) {
> +			val <<= 4;
> +			val |= (pch - xdigits);
> +			if (val > 0xffff)
> +				return (0);
> +			saw_xdigit = 1;
> +			continue;
> +		}
> +		if (ch == ':') {
> +			curtok = src;
> +			if (!saw_xdigit) {
> +				if (colonp)
> +					return (0);
> +				colonp = tp;
> +				continue;
> +			}
> +			if (tp + NS_INT16SZ > endp)
> +				return (0);
> +			*tp++ = (u_char) (val >> 8) & 0xff;
> +			*tp++ = (u_char) val & 0xff;
> +			saw_xdigit = 0;
> +			val = 0;
> +			continue;
> +		}
> +		if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) &&
> +		    inet_pton4(curtok, tp) > 0) {
> +			tp += NS_INADDRSZ;
> +			saw_xdigit = 0;
> +			break;	/* '\0' was seen by inet_pton4(). */
> +		}
> +		return (0);
> +	}
> +	if (saw_xdigit) {
> +		if (tp + NS_INT16SZ > endp)
> +			return (0);
> +		*tp++ = (u_char) (val >> 8) & 0xff;
> +		*tp++ = (u_char) val & 0xff;
> +	}
> +	if (colonp != NULL) {
> +		/*
> +		 * Since some memmove()'s erroneously fail to handle
> +		 * overlapping regions, we'll do the shift by hand.
> +		 */
> +		const int n = (int)(tp - colonp);
> +		int i;
> +
> +		for (i = 1; i <= n; i++) {
> +			endp[- i] = colonp[n - i];
> +			colonp[n - i] = 0;
> +		}
> +		tp = endp;
> +	}
> +	if (tp != endp)
> +		return (0);
> +	memcpy(dst, tmp, NS_IN6ADDRSZ);
> +	return (1);
> +}
> --
> 2.19.1.3.g30247aa5d201
> 


  reply	other threads:[~2019-10-28  6:16 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-26  5:37 [PATCH v2 0/8] support server identity validation in HTTPS Boot (CVE-2019-14553) Laszlo Ersek
2019-10-26  5:37 ` [PATCH v2 1/8] MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost (CVE-2019-14553) Laszlo Ersek
2019-10-28  8:12   ` [edk2-devel] " Liming Gao
2019-10-26  5:37 ` [PATCH v2 2/8] CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost" (CVE-2019-14553) Laszlo Ersek
2019-10-26 11:51   ` [edk2-devel] " Philippe Mathieu-Daudé
2019-11-02 11:01     ` Laszlo Ersek
2019-10-28  5:28   ` Wang, Jian J
2019-10-26  5:37 ` [PATCH v2 3/8] CryptoPkg/Crt: turn strchr() into a function (CVE-2019-14553) Laszlo Ersek
2019-10-26 11:47   ` [edk2-devel] " Philippe Mathieu-Daudé
2019-10-28  5:12   ` Wang, Jian J
2019-10-26  5:37 ` [PATCH v2 4/8] CryptoPkg/Crt: satisfy "inet_pton.c" dependencies (CVE-2019-14553) Laszlo Ersek
2019-10-28  5:34   ` Wang, Jian J
2019-10-28 13:06   ` David Woodhouse
2019-10-29  0:47     ` Laszlo Ersek
2019-10-29  2:44       ` [edk2-devel] " Wu, Jiaxin
2019-10-29  3:19         ` Wang, Jian J
2019-10-26  5:37 ` [PATCH v2 5/8] CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553) Laszlo Ersek
2019-10-28  6:16   ` Wang, Jian J [this message]
2019-10-26  5:37 ` [PATCH v2 6/8] CryptoPkg/TlsLib: TlsSetVerifyHost: parse IP address literals as such (CVE-2019-14553) Laszlo Ersek
2019-10-28  6:12   ` Wang, Jian J
2019-10-26  5:37 ` [PATCH v2 7/8] NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe driver (CVE-2019-14553) Laszlo Ersek
2019-10-26  5:37 ` [PATCH v2 8/8] NetworkPkg/HttpDxe: Set the HostName for the verification (CVE-2019-14553) Laszlo Ersek
2019-10-29  2:37 ` [edk2-devel] [PATCH v2 0/8] support server identity validation in HTTPS Boot (CVE-2019-14553) Wu, Jiaxin
2019-11-02 11:15   ` Laszlo Ersek
2019-10-31  9:28 ` Laszlo Ersek
2019-11-02 11:23   ` Laszlo Ersek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=D827630B58408649ACB04F44C5100036259A3FE1@SHSMSX107.ccr.corp.intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox