public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH v1 0/1] Fix integer overflow in CryptoPkg
@ 2022-09-28  7:49 Yuan Yu
  2022-09-28  7:49 ` [PATCH v1 1/1] CryptoPkg: Fix integer overflow Yuan Yu
  0 siblings, 1 reply; 4+ messages in thread
From: Yuan Yu @ 2022-09-28  7:49 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Jordan Justen, Laszlo Ersek, Anthony Perard,
	Julien Grall

Some value uses UINT16 which is not wide enough to hold the values that
it is supposed to hold. This series fix it by using UINT32.

The changes can be seen at:
https://github.com/yyu/edk2/tree/overflow_fix_v1

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien@xen.org>

Yuan Yu (1):
  CryptoPkg: Fix integer overflow

 CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.37.3.998.g577e59143f-goog


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH v1 1/1] CryptoPkg: Fix integer overflow
  2022-09-28  7:49 [PATCH v1 0/1] Fix integer overflow in CryptoPkg Yuan Yu
@ 2022-09-28  7:49 ` Yuan Yu
  2022-09-28  9:19   ` Ard Biesheuvel
  0 siblings, 1 reply; 4+ messages in thread
From: Yuan Yu @ 2022-09-28  7:49 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Jordan Justen, Laszlo Ersek, Anthony Perard,
	Julien Grall

SECSPERDAY is 86400 which exceeds the limit of a UINT16 which is 65536.
Therefore DayRemainder cannot use UINT16. This patch makes it UINT32.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien@xen.org>

Signed-off-by: Yuan Yu <yuanyu@google.com>
---
 CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
index 7d28446d4b5c..bf8a5325817f 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
@@ -118,7 +118,7 @@ gmtime (
 {
   struct tm  *GmTime;
   UINT16     DayNo;
-  UINT16     DayRemainder;
+  UINT32     DayRemainder;
   time_t     Year;
   time_t     YearNo;
   UINT16     TotalDays;
@@ -136,7 +136,7 @@ gmtime (
   ZeroMem ((VOID *)GmTime, (UINTN)sizeof (struct tm));
 
   DayNo        = (UINT16)(*timer / SECSPERDAY);
-  DayRemainder = (UINT16)(*timer % SECSPERDAY);
+  DayRemainder = (UINT32)(*timer % SECSPERDAY);
 
   GmTime->tm_sec  = (int)(DayRemainder % SECSPERMIN);
   GmTime->tm_min  = (int)((DayRemainder % SECSPERHOUR) / SECSPERMIN);
-- 
2.37.3.998.g577e59143f-goog


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH v1 1/1] CryptoPkg: Fix integer overflow
  2022-09-28  7:49 ` [PATCH v1 1/1] CryptoPkg: Fix integer overflow Yuan Yu
@ 2022-09-28  9:19   ` Ard Biesheuvel
  2022-10-10  1:11     ` Yao, Jiewen
  0 siblings, 1 reply; 4+ messages in thread
From: Ard Biesheuvel @ 2022-09-28  9:19 UTC (permalink / raw)
  To: Yuan Yu, Jiewen Yao, Jian J Wang
  Cc: devel, Jordan Justen, Laszlo Ersek, Anthony Perard, Julien Grall

(cc Jiewen and Jian)

On Wed, 28 Sept 2022 at 09:49, Yuan Yu <yuanyu@google.com> wrote:
>
> SECSPERDAY is 86400 which exceeds the limit of a UINT16 which is 65536.
> Therefore DayRemainder cannot use UINT16. This patch makes it UINT32.
>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Anthony Perard <anthony.perard@citrix.com>
> Cc: Julien Grall <julien@xen.org>
>
> Signed-off-by: Yuan Yu <yuanyu@google.com>

Hello Yuan,

Thanks for the patch.

Reviewed-by: Ard Biesheuvel <ardb@kernel.org>

Since this is a CryptoPkg change, the CryptoPkg maintainers are
ultimately the ones that need to accept it, so I have added them to
cc.



> ---
>  CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> index 7d28446d4b5c..bf8a5325817f 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> @@ -118,7 +118,7 @@ gmtime (
>  {
>    struct tm  *GmTime;
>    UINT16     DayNo;
> -  UINT16     DayRemainder;
> +  UINT32     DayRemainder;
>    time_t     Year;
>    time_t     YearNo;
>    UINT16     TotalDays;
> @@ -136,7 +136,7 @@ gmtime (
>    ZeroMem ((VOID *)GmTime, (UINTN)sizeof (struct tm));
>
>    DayNo        = (UINT16)(*timer / SECSPERDAY);
> -  DayRemainder = (UINT16)(*timer % SECSPERDAY);
> +  DayRemainder = (UINT32)(*timer % SECSPERDAY);
>
>    GmTime->tm_sec  = (int)(DayRemainder % SECSPERMIN);
>    GmTime->tm_min  = (int)((DayRemainder % SECSPERHOUR) / SECSPERMIN);
> --
> 2.37.3.998.g577e59143f-goog
>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH v1 1/1] CryptoPkg: Fix integer overflow
  2022-09-28  9:19   ` Ard Biesheuvel
@ 2022-10-10  1:11     ` Yao, Jiewen
  0 siblings, 0 replies; 4+ messages in thread
From: Yao, Jiewen @ 2022-10-10  1:11 UTC (permalink / raw)
  To: Ard Biesheuvel, Yuan Yu, Wang, Jian J
  Cc: devel@edk2.groups.io, Justen, Jordan L, Laszlo Ersek,
	Anthony Perard, Julien Grall

Merged https://github.com/tianocore/edk2/pull/3456

> -----Original Message-----
> From: Ard Biesheuvel <ardb@kernel.org>
> Sent: Wednesday, September 28, 2022 5:20 PM
> To: Yuan Yu <yuanyu@google.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>
> Cc: devel@edk2.groups.io; Justen, Jordan L <jordan.l.justen@intel.com>;
> Laszlo Ersek <lersek@redhat.com>; Anthony Perard
> <anthony.perard@citrix.com>; Julien Grall <julien@xen.org>
> Subject: Re: [PATCH v1 1/1] CryptoPkg: Fix integer overflow
> 
> (cc Jiewen and Jian)
> 
> On Wed, 28 Sept 2022 at 09:49, Yuan Yu <yuanyu@google.com> wrote:
> >
> > SECSPERDAY is 86400 which exceeds the limit of a UINT16 which is 65536.
> > Therefore DayRemainder cannot use UINT16. This patch makes it UINT32.
> >
> > Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> > Cc: Jordan Justen <jordan.l.justen@intel.com>
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Anthony Perard <anthony.perard@citrix.com>
> > Cc: Julien Grall <julien@xen.org>
> >
> > Signed-off-by: Yuan Yu <yuanyu@google.com>
> 
> Hello Yuan,
> 
> Thanks for the patch.
> 
> Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
> 
> Since this is a CryptoPkg change, the CryptoPkg maintainers are
> ultimately the ones that need to accept it, so I have added them to
> cc.
> 
> 
> 
> > ---
> >  CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> > index 7d28446d4b5c..bf8a5325817f 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> > +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> > @@ -118,7 +118,7 @@ gmtime (
> >  {
> >    struct tm  *GmTime;
> >    UINT16     DayNo;
> > -  UINT16     DayRemainder;
> > +  UINT32     DayRemainder;
> >    time_t     Year;
> >    time_t     YearNo;
> >    UINT16     TotalDays;
> > @@ -136,7 +136,7 @@ gmtime (
> >    ZeroMem ((VOID *)GmTime, (UINTN)sizeof (struct tm));
> >
> >    DayNo        = (UINT16)(*timer / SECSPERDAY);
> > -  DayRemainder = (UINT16)(*timer % SECSPERDAY);
> > +  DayRemainder = (UINT32)(*timer % SECSPERDAY);
> >
> >    GmTime->tm_sec  = (int)(DayRemainder % SECSPERMIN);
> >    GmTime->tm_min  = (int)((DayRemainder % SECSPERHOUR) /
> SECSPERMIN);
> > --
> > 2.37.3.998.g577e59143f-goog
> >

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-10-10  1:11 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-09-28  7:49 [PATCH v1 0/1] Fix integer overflow in CryptoPkg Yuan Yu
2022-09-28  7:49 ` [PATCH v1 1/1] CryptoPkg: Fix integer overflow Yuan Yu
2022-09-28  9:19   ` Ard Biesheuvel
2022-10-10  1:11     ` Yao, Jiewen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox