Hi Jiewen,
It will be great if you could help me merging in this fix. Please let me know if you need anything else from me to have it merged.
Thanks,
Kun
From: Yao, Jiewen
Sent: Sunday, November 22, 2020 04:25
To: Kun Qin;
gaoliming; devel@edk2.groups.io
Cc: Wang, Jian J;
Lu, XiaoyuX; Jiang, Guomin
Subject: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku
I can help to merge if it is approved.
I will add reviewed-by tag when I merge it.
Thank you
Yao Jiewen
From: Kun Qin <kun.q@outlook.com>
Sent: Sunday, November 22, 2020 3:10 PM
To: gaoliming <gaoliming@byosoft.com.cn>; devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>
Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
Subject: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku
Hi Liming,
It will be great if we can get this in. But I have been having trouble sending a v2 patch that incorporates Jiewen’s “Reviewed-by” tag through git command line for the past week (no other changes). It kept giving me an error of "No host
provider available to service this request". Please let me know if you have any suggestions.
Thanks,
Kun
From: gaoliming
Sent: Thursday, November 19, 2020 9:39 PM
To: devel@edk2.groups.io;
jiewen.yao@intel.com; 'Kun Qin'
Cc: 'Wang, Jian J';
'Lu, XiaoyuX'; 'Jiang, Guomin'
Subject: 回复: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku
Kun:
This is a bug fix. It passed code review. Do you request to merge it for
this stable tag 202011?
Thanks
Liming
> -----邮件原件-----
> 发件人:
bounce+27952+67567+4905953+8761045@groups.io
> <bounce+27952+67567+4905953+8761045@groups.io>
代表 Yao, Jiewen
> 发送时间: 2020年11月14日
8:32
> 收件人: Kun Qin <kun.q@outlook.com>;
devel@edk2.groups.io
> 抄送: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Yao,
> Jiewen <jiewen.yao@intel.com>
> 主题: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer
> double free in CryptPkcs7VerifyEku
>
> Sorry, I missed this email.
>
> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
>
>
> > -----Original Message-----
> > From: Kun Qin <kun.q@outlook.com>
> > Sent: Wednesday, October 21, 2020 10:32 AM
> > To: devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Jiang,
> > Guomin <guomin.jiang@intel.com>
> > Subject: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer double free
in
> > CryptPkcs7VerifyEku
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2459
> >
> > SignerCert is part of Pkcs7 instance when both have valid content.
OpenSLL
> > PKCS7_free function will release the memory of SignerCert when
applicable.
> > Freeing SignerCert with X509_free again might cause page fault if use-
> > after-free guard is enabled.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Guomin Jiang <guomin.jiang@intel.com>
> >
> > Signed-off-by: Kun Qin <kun.q@outlook.com>
> > ---
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c | 4 ----
> > 1 file changed, 4 deletions(-)
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> > index c9fdb65b99d1..40cc39afe7dd 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> > @@ -508,10 +508,6 @@ Exit:
> > free (SignedData);
> >
> > }
> >
> >
> >
> > - if (SignerCert != NULL) {
> >
> > - X509_free (SignerCert);
> >
> > - }
> >
> > -
> >
> > if (Pkcs7 != NULL) {
> >
> > PKCS7_free (Pkcs7);
> >
> > }
> >
> > --
> > 2.28.0.windows.1
>
>
>
>
>