From: "Wang, Jian J" <jian.j.wang@intel.com>
To: Laszlo Ersek <lersek@redhat.com>,
edk2-devel-groups-io <devel@edk2.groups.io>
Cc: David Woodhouse <dwmw2@infradead.org>,
"Wu, Jiaxin" <jiaxin.wu@intel.com>,
Sivaraman Nainar <sivaramann@amiindia.co.in>,
"Lu, XiaoyuX" <xiaoyux.lu@intel.com>
Subject: Re: [PATCH v2 5/8] CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553)
Date: Mon, 28 Oct 2019 06:16:18 +0000 [thread overview]
Message-ID: <D827630B58408649ACB04F44C5100036259A3FE1@SHSMSX107.ccr.corp.intel.com> (raw)
In-Reply-To: <20191026053719.10453-6-lersek@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Regards,
Jian
> -----Original Message-----
> From: Laszlo Ersek <lersek@redhat.com>
> Sent: Saturday, October 26, 2019 1:37 PM
> To: edk2-devel-groups-io <devel@edk2.groups.io>
> Cc: David Woodhouse <dwmw2@infradead.org>; Wang, Jian J
> <jian.j.wang@intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Sivaraman Nainar
> <sivaramann@amiindia.co.in>; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Subject: [PATCH v2 5/8] CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553)
>
> For TianoCore BZ#1734, StdLib has been moved from the edk2 project to the
> edk2-libc project, in commit 964f432b9b0a ("edk2: Remove AppPkg, StdLib,
> StdLibPrivateInternalFiles", 2019-04-29).
>
> We'd like to use the inet_pton() function in CryptoPkg. Resurrect the
> "inet_pton.c" file from just before the StdLib removal, as follows:
>
> $ git show \
> 964f432b9b0a^:StdLib/BsdSocketLib/inet_pton.c \
> > CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
>
> The inet_pton() function is only intended for the DXE phase at this time,
> therefore only the "BaseCryptLib" instance INF file receives the new file.
>
> Cc: David Woodhouse <dwmw2@infradead.org>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960
> CVE: CVE-2019-14553
> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
> ---
>
> Notes:
> v2:
> - new patch
>
> CryptoPkg/Library/Include/CrtLibSupport.h | 1 +
> CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 +
> CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c | 257
> ++++++++++++++++++++
> 3 files changed, 259 insertions(+)
>
> diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> b/CryptoPkg/Library/Include/CrtLibSupport.h
> index e603fad763f9..5a20ba636fff 100644
> --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> @@ -191,8 +191,9 @@ char *secure_getenv (const char *);
> void abort (void) __attribute__((__noreturn__));
> #else
> void abort (void);
> #endif
> +int inet_pton (int, const char *, void *);
>
> //
> // Macros that directly map functions to BaseLib, BaseMemoryLib, and
> DebugLib functions
> //
> diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> index a98be2cd9590..dc9e6e5d45f9 100644
> --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> @@ -57,8 +57,9 @@ [Sources]
>
> SysCall/CrtWrapper.c
> SysCall/TimerWrapper.c
> SysCall/BaseMemAllocation.c
> + SysCall/inet_pton.c
>
> [Sources.Ia32]
> Rand/CryptRandTsc.c
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
> b/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
> new file mode 100644
> index 000000000000..32e1ab8690e6
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
> @@ -0,0 +1,257 @@
> +/* Copyright (c) 1996 by Internet Software Consortium.
> + *
> + * Permission to use, copy, modify, and distribute this software for any
> + * purpose with or without fee is hereby granted, provided that the above
> + * copyright notice and this permission notice appear in all copies.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE
> CONSORTIUM DISCLAIMS
> + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
> IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET
> SOFTWARE
> + * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
> CONSEQUENTIAL
> + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
> DATA OR
> + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
> TORTIOUS
> + * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
> PERFORMANCE OF THIS
> + * SOFTWARE.
> + */
> +
> +/*
> + * Portions copyright (c) 1999, 2000
> + * Intel Corporation.
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + *
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + *
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + *
> + * 3. All advertising materials mentioning features or use of this software
> + * must display the following acknowledgement:
> + *
> + * This product includes software developed by Intel Corporation and
> + * its contributors.
> + *
> + * 4. Neither the name of Intel Corporation or its contributors may be
> + * used to endorse or promote products derived from this software
> + * without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION AND CONTRIBUTORS
> ``AS IS''
> + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
> LIMITED TO, THE
> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
> PARTICULAR PURPOSE
> + * ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR
> CONTRIBUTORS BE
> + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
> PROCUREMENT OF
> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
> BUSINESS
> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
> WHETHER IN
> + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
> OTHERWISE)
> + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
> ADVISED OF
> + * THE POSSIBILITY OF SUCH DAMAGE.
> + *
> + */
> +
> +#if defined(LIBC_SCCS) && !defined(lint)
> +static char rcsid[] = "$Id: inet_pton.c,v 1.1.1.1 2003/11/19 01:51:30 kyu3 Exp
> $";
> +#endif /* LIBC_SCCS and not lint */
> +
> +#include <sys/param.h>
> +#include <sys/types.h>
> +#include <sys/socket.h>
> +#include <netinet/in.h>
> +#include <arpa/inet.h>
> +#include <arpa/nameser.h>
> +#include <string.h>
> +#include <errno.h>
> +
> +/*
> + * WARNING: Don't even consider trying to compile this on a system where
> + * sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
> + */
> +
> +static int inet_pton4 (const char *src, u_char *dst);
> +static int inet_pton6 (const char *src, u_char *dst);
> +
> +/* int
> + * inet_pton(af, src, dst)
> + * convert from presentation format (which usually means ASCII printable)
> + * to network format (which is usually some kind of binary format).
> + * return:
> + * 1 if the address was valid for the specified address family
> + * 0 if the address wasn't valid (`dst' is untouched in this case)
> + * -1 if some other error occurred (`dst' is untouched in this case, too)
> + * author:
> + * Paul Vixie, 1996.
> + */
> +int
> +inet_pton(
> + int af,
> + const char *src,
> + void *dst
> + )
> +{
> + switch (af) {
> + case AF_INET:
> + return (inet_pton4(src, dst));
> + case AF_INET6:
> + return (inet_pton6(src, dst));
> + default:
> + errno = EAFNOSUPPORT;
> + return (-1);
> + }
> + /* NOTREACHED */
> +}
> +
> +/* int
> + * inet_pton4(src, dst)
> + * like inet_aton() but without all the hexadecimal and shorthand.
> + * return:
> + * 1 if `src' is a valid dotted quad, else 0.
> + * notice:
> + * does not touch `dst' unless it's returning 1.
> + * author:
> + * Paul Vixie, 1996.
> + */
> +static int
> +inet_pton4(
> + const char *src,
> + u_char *dst
> + )
> +{
> + static const char digits[] = "0123456789";
> + int saw_digit, octets, ch;
> + u_char tmp[NS_INADDRSZ], *tp;
> +
> + saw_digit = 0;
> + octets = 0;
> + *(tp = tmp) = 0;
> + while ((ch = *src++) != '\0') {
> + const char *pch;
> +
> + if ((pch = strchr(digits, ch)) != NULL) {
> + u_int new = *tp * 10 + (u_int)(pch - digits);
> +
> + if (new > 255)
> + return (0);
> + *tp = (u_char)new;
> + if (! saw_digit) {
> + if (++octets > 4)
> + return (0);
> + saw_digit = 1;
> + }
> + } else if (ch == '.' && saw_digit) {
> + if (octets == 4)
> + return (0);
> + *++tp = 0;
> + saw_digit = 0;
> + } else
> + return (0);
> + }
> + if (octets < 4)
> + return (0);
> +
> + memcpy(dst, tmp, NS_INADDRSZ);
> + return (1);
> +}
> +
> +/* int
> + * inet_pton6(src, dst)
> + * convert presentation level address to network order binary form.
> + * return:
> + * 1 if `src' is a valid [RFC1884 2.2] address, else 0.
> + * notice:
> + * (1) does not touch `dst' unless it's returning 1.
> + * (2) :: in a full address is silently ignored.
> + * credit:
> + * inspired by Mark Andrews.
> + * author:
> + * Paul Vixie, 1996.
> + */
> +static int
> +inet_pton6(
> + const char *src,
> + u_char *dst
> + )
> +{
> + static const char xdigits_l[] = "0123456789abcdef",
> + xdigits_u[] = "0123456789ABCDEF";
> + u_char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp;
> + const char *xdigits, *curtok;
> + int ch, saw_xdigit;
> + u_int val;
> +
> + memset((tp = tmp), '\0', NS_IN6ADDRSZ);
> + endp = tp + NS_IN6ADDRSZ;
> + colonp = NULL;
> + /* Leading :: requires some special handling. */
> + if (*src == ':')
> + if (*++src != ':')
> + return (0);
> + curtok = src;
> + saw_xdigit = 0;
> + val = 0;
> + while ((ch = *src++) != '\0') {
> + const char *pch;
> +
> + if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL)
> + pch = strchr((xdigits = xdigits_u), ch);
> + if (pch != NULL) {
> + val <<= 4;
> + val |= (pch - xdigits);
> + if (val > 0xffff)
> + return (0);
> + saw_xdigit = 1;
> + continue;
> + }
> + if (ch == ':') {
> + curtok = src;
> + if (!saw_xdigit) {
> + if (colonp)
> + return (0);
> + colonp = tp;
> + continue;
> + }
> + if (tp + NS_INT16SZ > endp)
> + return (0);
> + *tp++ = (u_char) (val >> 8) & 0xff;
> + *tp++ = (u_char) val & 0xff;
> + saw_xdigit = 0;
> + val = 0;
> + continue;
> + }
> + if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) &&
> + inet_pton4(curtok, tp) > 0) {
> + tp += NS_INADDRSZ;
> + saw_xdigit = 0;
> + break; /* '\0' was seen by inet_pton4(). */
> + }
> + return (0);
> + }
> + if (saw_xdigit) {
> + if (tp + NS_INT16SZ > endp)
> + return (0);
> + *tp++ = (u_char) (val >> 8) & 0xff;
> + *tp++ = (u_char) val & 0xff;
> + }
> + if (colonp != NULL) {
> + /*
> + * Since some memmove()'s erroneously fail to handle
> + * overlapping regions, we'll do the shift by hand.
> + */
> + const int n = (int)(tp - colonp);
> + int i;
> +
> + for (i = 1; i <= n; i++) {
> + endp[- i] = colonp[n - i];
> + colonp[n - i] = 0;
> + }
> + tp = endp;
> + }
> + if (tp != endp)
> + return (0);
> + memcpy(dst, tmp, NS_IN6ADDRSZ);
> + return (1);
> +}
> --
> 2.19.1.3.g30247aa5d201
>
next prev parent reply other threads:[~2019-10-28 6:16 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-26 5:37 [PATCH v2 0/8] support server identity validation in HTTPS Boot (CVE-2019-14553) Laszlo Ersek
2019-10-26 5:37 ` [PATCH v2 1/8] MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost (CVE-2019-14553) Laszlo Ersek
2019-10-28 8:12 ` [edk2-devel] " Liming Gao
2019-10-26 5:37 ` [PATCH v2 2/8] CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost" (CVE-2019-14553) Laszlo Ersek
2019-10-26 11:51 ` [edk2-devel] " Philippe Mathieu-Daudé
2019-11-02 11:01 ` Laszlo Ersek
2019-10-28 5:28 ` Wang, Jian J
2019-10-26 5:37 ` [PATCH v2 3/8] CryptoPkg/Crt: turn strchr() into a function (CVE-2019-14553) Laszlo Ersek
2019-10-26 11:47 ` [edk2-devel] " Philippe Mathieu-Daudé
2019-10-28 5:12 ` Wang, Jian J
2019-10-26 5:37 ` [PATCH v2 4/8] CryptoPkg/Crt: satisfy "inet_pton.c" dependencies (CVE-2019-14553) Laszlo Ersek
2019-10-28 5:34 ` Wang, Jian J
2019-10-28 13:06 ` David Woodhouse
2019-10-29 0:47 ` Laszlo Ersek
2019-10-29 2:44 ` [edk2-devel] " Wu, Jiaxin
2019-10-29 3:19 ` Wang, Jian J
2019-10-26 5:37 ` [PATCH v2 5/8] CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553) Laszlo Ersek
2019-10-28 6:16 ` Wang, Jian J [this message]
2019-10-26 5:37 ` [PATCH v2 6/8] CryptoPkg/TlsLib: TlsSetVerifyHost: parse IP address literals as such (CVE-2019-14553) Laszlo Ersek
2019-10-28 6:12 ` Wang, Jian J
2019-10-26 5:37 ` [PATCH v2 7/8] NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe driver (CVE-2019-14553) Laszlo Ersek
2019-10-26 5:37 ` [PATCH v2 8/8] NetworkPkg/HttpDxe: Set the HostName for the verification (CVE-2019-14553) Laszlo Ersek
2019-10-29 2:37 ` [edk2-devel] [PATCH v2 0/8] support server identity validation in HTTPS Boot (CVE-2019-14553) Wu, Jiaxin
2019-11-02 11:15 ` Laszlo Ersek
2019-10-31 9:28 ` Laszlo Ersek
2019-11-02 11:23 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D827630B58408649ACB04F44C5100036259A3FE1@SHSMSX107.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox