From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.92.23.18]) by mx.groups.io with SMTP id smtpd.web09.28626.1606094199354405632 for ; Sun, 22 Nov 2020 17:16:40 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@outlook.com header.s=selector1 header.b=kv3U8KI/; spf=pass (domain: outlook.com, ip: 40.92.23.18, mailfrom: kun.q@outlook.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RbWTRZOjnU3/+B3geah3n3H8beFXBElh8lKa0weelhw/W9qgcSs641i5iR6YqOmQHfeB1cIEav+iKmwDnY5aZAIem9Qe/Jl0AaWTCC2SaWmjuiWF59R9zbPDbNMb6gywCUVmdMK0qTDMjD8yGU2ieX4FqIh7/8qWUv83ZTIAKoTWkAjcxIbyeKBGm0kzlr7df1YduQo+hHNi4uXDYVQrRxdAMBEnkwlISBzqmhoWnIMrMiBNvlVrE55yq/FrpeZBHWPhYQ38FoA6cgbNpm+QqpOUS1eQQ7PM2nB+sifTrzziFOB609RkEU/Dvc0lBTFix5RlfoPVGoIUzGM+qywVdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qgRm6P7ZBgz+28xQv4JzjMKFdzjSU5eqJ3RRiR7I5EE=; b=T1TLs6bXpwzPMv9Vc4zWqvAAhCEIsDl5WftjTyELYNgijHfBrapzMGXmdIZlnnE7nY0wIiVVjT9wzqWmh2pWrNuKt8aQRKCc/xSK5A/+KeVZZqlUyCA56cnsywTUBQb+aa7B5u9oUv4Rgd6CqdFbd2yilEoenvim3bzEMs200FmMXxRMbfLdfWhvOqujGZobmW0V4dwcZXmPDZ4pQRwfGolEAV7/5JMI1dRS4zihG01NTTl1/LZK71KCP/goBPxdyRh2oZkb8CCCr+/OeDGdo7vHUFAQY2tLTbaCAdcnkjGrTgnNeeHtaQTOMs7+uC+KghV0phR5q46woD1q4C8fEA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qgRm6P7ZBgz+28xQv4JzjMKFdzjSU5eqJ3RRiR7I5EE=; b=kv3U8KI/ILLwiG44HMxccg3oqAa99MuDdaf6hIfO7cB8y0POUUgvDgbTKwVLMKoYlZvk+bADudNEPzVOrW6gpgSJIhQfBTgb+WxZXSx2EMJZpT9k5U8FMt54WxvzjkWda9DLK07qqZBWzz7dsFSKhzkzNxsAr4L59WgWp26lLG8U23qNyjHlo9/fxcS1dKnfYqn6fiOnJLK94cC+b5AAX5jek6NUV1u1qgEyVSfiPZow5U2F73qxXOSP6MVDMXZBDsQslFE13Gx9PmNl2ACTLHItRN7oeI1P1vbMGyKBzLVfokMP/IRZS3+ZdWjUctR7Og1k78CQDoDYTmidCiLZVg== Received: from BN8NAM12FT010.eop-nam12.prod.protection.outlook.com (2a01:111:e400:fc66::53) by BN8NAM12HT151.eop-nam12.prod.protection.outlook.com (2a01:111:e400:fc66::109) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3589.12; Mon, 23 Nov 2020 01:16:37 +0000 Received: from MWHPR06MB3102.namprd06.prod.outlook.com (2a01:111:e400:fc66::44) by BN8NAM12FT010.mail.protection.outlook.com (2a01:111:e400:fc66::62) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.11 via Frontend Transport; Mon, 23 Nov 2020 01:16:37 +0000 Received: from MWHPR06MB3102.namprd06.prod.outlook.com ([fe80::2814:c86b:7446:74e1]) by MWHPR06MB3102.namprd06.prod.outlook.com ([fe80::2814:c86b:7446:74e1%3]) with mapi id 15.20.3499.035; Mon, 23 Nov 2020 01:16:36 +0000 From: Kun Qin To: "Yao, Jiewen" , gaoliming , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Lu, XiaoyuX" , "Jiang, Guomin" Subject: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku Thread-Topic: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer double free in CryptPkcs7VerifyEku Thread-Index: AQHWp1J0L2dhCABhE02IdzhaIfePH6nG7GcAgAnD2oCAAzzjiYAAWVmAgADVrpQ= Date: Mon, 23 Nov 2020 01:16:36 +0000 Message-ID: References: <20201021023228.1884-1-kun.q@outlook.com> ,<017801d6beff$73c708d0$5b551a70$@byosoft.com.cn> , In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-incomingtopheadermarker: OriginalChecksum:303707BA93EFBDFAAF71869FA042ED2E91D37A36800BBB626DF75C37CB761194;UpperCasedChecksum:28BC61D8784654713B00F2D4EAB973EBA432D27BEB161E0AABDBFEC70156F895;SizeAsReceived:7571;Count:44 x-tmn: [OWNXdmS6o8W6I9sSkKljju3MUNgjHk8u] x-ms-publictraffictype: Email x-incomingheadercount: 44 x-eopattributedmessage: 0 x-ms-office365-filtering-correlation-id: c70be263-2750-408e-6364-08d88f4d6c91 x-ms-traffictypediagnostic: BN8NAM12HT151: x-ms-exchange-minimumurldomainage: groups.io#3668 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 1Z3G4gkE8apqtw4R6k4GuHaFHaRCfg2Qzs7lW6V9DqlZ/9c7jM64yzh/ZlHrG1cRrb5MpjkFyg+Or/tx9vKURX0BMI/rZY2GzuX9sBtvrTsEyT0C41USu6OMwgfKxqsSh3qyZD5bfmsl4q8ssIzYIr2CInyOj6AA0g6Q+3oHo3M3Fw7Rnib/zSOsE/bs0yY63Z732xElMhx66z5S1+ZbDy/adpy2StC3WY/z8zkZtUPFFGn+C1rbv4tWRipt9njl x-ms-exchange-antispam-messagedata: mTbSic86WzNulmvgcEAdksA0IEnXFciGpbb+N7Azjt9xhWe0givbtwj1mHLQkY68rNFDw13rnLfHO5jZrXVyIiw8+Ugxr9DxvTFdyXOYMGUo3eo7ldC4QLoobyH1Ktm4cLM+j7Uuh0aPriJf1ljgyg== x-ms-exchange-transport-forked: True MIME-Version: 1.0 X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-AuthSource: BN8NAM12FT010.eop-nam12.prod.protection.outlook.com X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-CrossTenant-Network-Message-Id: c70be263-2750-408e-6364-08d88f4d6c91 X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Nov 2020 01:16:36.8826 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Internet X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8NAM12HT151 Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_MWHPR06MB3102B443AE3A4CECA95ED63AF3FC0MWHPR06MB3102namp_" --_000_MWHPR06MB3102B443AE3A4CECA95ED63AF3FC0MWHPR06MB3102namp_ Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: base64 SGkgSmlld2VuLA0KDQpJdCB3aWxsIGJlIGdyZWF0IGlmIHlvdSBjb3VsZCBoZWxwIG1lIG1lcmdp bmcgaW4gdGhpcyBmaXguIFBsZWFzZSBsZXQgbWUga25vdyBpZiB5b3UgbmVlZCBhbnl0aGluZyBl bHNlIGZyb20gbWUgdG8gaGF2ZSBpdCBtZXJnZWQuDQoNClRoYW5rcywNCkt1bg0KDQpGcm9tOiBZ YW8sIEppZXdlbjxtYWlsdG86amlld2VuLnlhb0BpbnRlbC5jb20+DQpTZW50OiBTdW5kYXksIE5v dmVtYmVyIDIyLCAyMDIwIDA0OjI1DQpUbzogS3VuIFFpbjxtYWlsdG86a3VuLnFAb3V0bG9vay5j b20+OyBnYW9saW1pbmc8bWFpbHRvOmdhb2xpbWluZ0BieW9zb2Z0LmNvbS5jbj47IGRldmVsQGVk azIuZ3JvdXBzLmlvPG1haWx0bzpkZXZlbEBlZGsyLmdyb3Vwcy5pbz4NCkNjOiBXYW5nLCBKaWFu IEo8bWFpbHRvOmppYW4uai53YW5nQGludGVsLmNvbT47IEx1LCBYaWFveXVYPG1haWx0bzp4aWFv eXV4Lmx1QGludGVsLmNvbT47IEppYW5nLCBHdW9taW48bWFpbHRvOmd1b21pbi5qaWFuZ0BpbnRl bC5jb20+DQpTdWJqZWN0OiBSRTogW2VkazItZGV2ZWxdIFtQQVRDSCB2MSAxLzFdIENyeXB0b1Br ZzogQmFzZUNyeXB0TGliOiBGaXggYnVmZmVyIGRvdWJsZSBmcmVlIGluIENyeXB0UGtjczdWZXJp ZnlFa3UNCg0KSSBjYW4gaGVscCB0byBtZXJnZSBpZiBpdCBpcyBhcHByb3ZlZC4NCg0KSSB3aWxs IGFkZCByZXZpZXdlZC1ieSB0YWcgd2hlbiBJIG1lcmdlIGl0Lg0KDQpUaGFuayB5b3UNCllhbyBK aWV3ZW4NCg0KRnJvbTogS3VuIFFpbiA8a3VuLnFAb3V0bG9vay5jb20+DQpTZW50OiBTdW5kYXks IE5vdmVtYmVyIDIyLCAyMDIwIDM6MTAgUE0NClRvOiBnYW9saW1pbmcgPGdhb2xpbWluZ0BieW9z b2Z0LmNvbS5jbj47IGRldmVsQGVkazIuZ3JvdXBzLmlvOyBZYW8sIEppZXdlbiA8amlld2VuLnlh b0BpbnRlbC5jb20+DQpDYzogV2FuZywgSmlhbiBKIDxqaWFuLmoud2FuZ0BpbnRlbC5jb20+OyBM dSwgWGlhb3l1WCA8eGlhb3l1eC5sdUBpbnRlbC5jb20+OyBKaWFuZywgR3VvbWluIDxndW9taW4u amlhbmdAaW50ZWwuY29tPg0KU3ViamVjdDogUkU6IFtlZGsyLWRldmVsXSBbUEFUQ0ggdjEgMS8x XSBDcnlwdG9Qa2c6IEJhc2VDcnlwdExpYjogRml4IGJ1ZmZlciBkb3VibGUgZnJlZSBpbiBDcnlw dFBrY3M3VmVyaWZ5RWt1DQoNCkhpIExpbWluZywNCg0KSXQgd2lsbCBiZSBncmVhdCBpZiB3ZSBj YW4gZ2V0IHRoaXMgaW4uIEJ1dCBJIGhhdmUgYmVlbiBoYXZpbmcgdHJvdWJsZSBzZW5kaW5nIGEg djIgcGF0Y2ggdGhhdCBpbmNvcnBvcmF0ZXMgSmlld2Vuoa9zIKGwUmV2aWV3ZWQtYnmhsSB0YWcg dGhyb3VnaCBnaXQgY29tbWFuZCBsaW5lIGZvciB0aGUgcGFzdCB3ZWVrIChubyBvdGhlciBjaGFu Z2VzKS4gSXQga2VwdCBnaXZpbmcgbWUgYW4gZXJyb3Igb2YgIk5vIGhvc3QgcHJvdmlkZXIgYXZh aWxhYmxlIHRvIHNlcnZpY2UgdGhpcyByZXF1ZXN0Ii4gUGxlYXNlIGxldCBtZSBrbm93IGlmIHlv dSBoYXZlIGFueSBzdWdnZXN0aW9ucy4NCg0KVGhhbmtzLA0KS3VuDQoNCg0KRnJvbTogZ2FvbGlt aW5nPG1haWx0bzpnYW9saW1pbmdAYnlvc29mdC5jb20uY24+DQpTZW50OiBUaHVyc2RheSwgTm92 ZW1iZXIgMTksIDIwMjAgOTozOSBQTQ0KVG86IGRldmVsQGVkazIuZ3JvdXBzLmlvPG1haWx0bzpk ZXZlbEBlZGsyLmdyb3Vwcy5pbz47IGppZXdlbi55YW9AaW50ZWwuY29tPG1haWx0bzpqaWV3ZW4u eWFvQGludGVsLmNvbT47ICdLdW4gUWluJzxtYWlsdG86a3VuLnFAb3V0bG9vay5jb20+DQpDYzog J1dhbmcsIEppYW4gSic8bWFpbHRvOmppYW4uai53YW5nQGludGVsLmNvbT47ICdMdSwgWGlhb3l1 WCc8bWFpbHRvOnhpYW95dXgubHVAaW50ZWwuY29tPjsgJ0ppYW5nLCBHdW9taW4nPG1haWx0bzpn dW9taW4uamlhbmdAaW50ZWwuY29tPg0KU3ViamVjdDogu9i4tDogW2VkazItZGV2ZWxdIFtQQVRD SCB2MSAxLzFdIENyeXB0b1BrZzogQmFzZUNyeXB0TGliOiBGaXggYnVmZmVyIGRvdWJsZSBmcmVl IGluIENyeXB0UGtjczdWZXJpZnlFa3UNCg0KS3VuOg0KIFRoaXMgaXMgYSBidWcgZml4LiBJdCBw YXNzZWQgY29kZSByZXZpZXcuIERvIHlvdSByZXF1ZXN0IHRvIG1lcmdlIGl0IGZvcg0KdGhpcyBz dGFibGUgdGFnIDIwMjAxMT8NCg0KVGhhbmtzDQpMaW1pbmcNCj4gLS0tLS3Tyrz+1K28/i0tLS0t DQo+ILeivP7IyzogYm91bmNlKzI3OTUyKzY3NTY3KzQ5MDU5NTMrODc2MTA0NUBncm91cHMuaW88 bWFpbHRvOmJvdW5jZSsyNzk1Mis2NzU2Nys0OTA1OTUzKzg3NjEwNDVAZ3JvdXBzLmlvPg0KPiA8 Ym91bmNlKzI3OTUyKzY3NTY3KzQ5MDU5NTMrODc2MTA0NUBncm91cHMuaW88bWFpbHRvOmJvdW5j ZSsyNzk1Mis2NzU2Nys0OTA1OTUzKzg3NjEwNDVAZ3JvdXBzLmlvPj4gtPqx7SBZYW8sIEppZXdl bg0KPiC3osvNyrG85DogMjAyMMTqMTHUwjE0yNUgODozMg0KPiDK1bz+yMs6IEt1biBRaW4gPGt1 bi5xQG91dGxvb2suY29tPG1haWx0bzprdW4ucUBvdXRsb29rLmNvbT4+OyBkZXZlbEBlZGsyLmdy b3Vwcy5pbzxtYWlsdG86ZGV2ZWxAZWRrMi5ncm91cHMuaW8+DQo+ILOty806IFdhbmcsIEppYW4g SiA8amlhbi5qLndhbmdAaW50ZWwuY29tPG1haWx0bzpqaWFuLmoud2FuZ0BpbnRlbC5jb20+Pjsg THUsIFhpYW95dVgNCj4gPHhpYW95dXgubHVAaW50ZWwuY29tPG1haWx0bzp4aWFveXV4Lmx1QGlu dGVsLmNvbT4+OyBKaWFuZywgR3VvbWluIDxndW9taW4uamlhbmdAaW50ZWwuY29tPG1haWx0bzpn dW9taW4uamlhbmdAaW50ZWwuY29tPj47IFlhbywNCj4gSmlld2VuIDxqaWV3ZW4ueWFvQGludGVs LmNvbTxtYWlsdG86amlld2VuLnlhb0BpbnRlbC5jb20+Pg0KPiDW98ziOiBSZTogW2VkazItZGV2 ZWxdIFtQQVRDSCB2MSAxLzFdIENyeXB0b1BrZzogQmFzZUNyeXB0TGliOiBGaXggYnVmZmVyDQo+ IGRvdWJsZSBmcmVlIGluIENyeXB0UGtjczdWZXJpZnlFa3UNCj4NCj4gU29ycnksIEkgbWlzc2Vk IHRoaXMgZW1haWwuDQo+DQo+IFJldmlld2VkLWJ5OiBKaWV3ZW4gWWFvIDxKaWV3ZW4ueWFvQGlu dGVsLmNvbTxtYWlsdG86Smlld2VuLnlhb0BpbnRlbC5jb20+Pg0KPg0KPg0KPiA+IC0tLS0tT3Jp Z2luYWwgTWVzc2FnZS0tLS0tDQo+ID4gRnJvbTogS3VuIFFpbiA8a3VuLnFAb3V0bG9vay5jb208 bWFpbHRvOmt1bi5xQG91dGxvb2suY29tPj4NCj4gPiBTZW50OiBXZWRuZXNkYXksIE9jdG9iZXIg MjEsIDIwMjAgMTA6MzIgQU0NCj4gPiBUbzogZGV2ZWxAZWRrMi5ncm91cHMuaW88bWFpbHRvOmRl dmVsQGVkazIuZ3JvdXBzLmlvPg0KPiA+IENjOiBXYW5nLCBKaWFuIEogPGppYW4uai53YW5nQGlu dGVsLmNvbTxtYWlsdG86amlhbi5qLndhbmdAaW50ZWwuY29tPj47IEx1LCBYaWFveXVYDQo+ID4g PHhpYW95dXgubHVAaW50ZWwuY29tPG1haWx0bzp4aWFveXV4Lmx1QGludGVsLmNvbT4+OyBZYW8s IEppZXdlbiA8amlld2VuLnlhb0BpbnRlbC5jb208bWFpbHRvOmppZXdlbi55YW9AaW50ZWwuY29t Pj47IEppYW5nLA0KPiA+IEd1b21pbiA8Z3VvbWluLmppYW5nQGludGVsLmNvbTxtYWlsdG86Z3Vv bWluLmppYW5nQGludGVsLmNvbT4+DQo+ID4gU3ViamVjdDogW1BBVENIIHYxIDEvMV0gQ3J5cHRv UGtnOiBCYXNlQ3J5cHRMaWI6IEZpeCBidWZmZXIgZG91YmxlIGZyZWUNCmluDQo+ID4gQ3J5cHRQ a2NzN1ZlcmlmeUVrdQ0KPiA+DQo+ID4gUkVGOiBodHRwczovL2J1Z3ppbGxhLnRpYW5vY29yZS5v cmcvc2hvd19idWcuY2dpP2lkPTI0NTkNCj4gPg0KPiA+IFNpZ25lckNlcnQgaXMgcGFydCBvZiBQ a2NzNyBpbnN0YW5jZSB3aGVuIGJvdGggaGF2ZSB2YWxpZCBjb250ZW50Lg0KT3BlblNMTA0KPiA+ IFBLQ1M3X2ZyZWUgZnVuY3Rpb24gd2lsbCByZWxlYXNlIHRoZSBtZW1vcnkgb2YgU2lnbmVyQ2Vy dCB3aGVuDQphcHBsaWNhYmxlLg0KPiA+IEZyZWVpbmcgU2lnbmVyQ2VydCB3aXRoIFg1MDlfZnJl ZSBhZ2FpbiBtaWdodCBjYXVzZSBwYWdlIGZhdWx0IGlmIHVzZS0NCj4gPiBhZnRlci1mcmVlIGd1 YXJkIGlzIGVuYWJsZWQuDQo+ID4NCj4gPiBDYzogSmlhbiBKIFdhbmcgPGppYW4uai53YW5nQGlu dGVsLmNvbTxtYWlsdG86amlhbi5qLndhbmdAaW50ZWwuY29tPj4NCj4gPiBDYzogWGlhb3l1IEx1 IDx4aWFveXV4Lmx1QGludGVsLmNvbTxtYWlsdG86eGlhb3l1eC5sdUBpbnRlbC5jb20+Pg0KPiA+ IENjOiBKaWV3ZW4gWWFvIDxqaWV3ZW4ueWFvQGludGVsLmNvbTxtYWlsdG86amlld2VuLnlhb0Bp bnRlbC5jb20+Pg0KPiA+IENjOiBHdW9taW4gSmlhbmcgPGd1b21pbi5qaWFuZ0BpbnRlbC5jb208 bWFpbHRvOmd1b21pbi5qaWFuZ0BpbnRlbC5jb20+Pg0KPiA+DQo+ID4gU2lnbmVkLW9mZi1ieTog S3VuIFFpbiA8a3VuLnFAb3V0bG9vay5jb208bWFpbHRvOmt1bi5xQG91dGxvb2suY29tPj4NCj4g PiAtLS0NCj4gPiAgQ3J5cHRvUGtnL0xpYnJhcnkvQmFzZUNyeXB0TGliL1BrL0NyeXB0UGtjczdW ZXJpZnlFa3UuYyB8IDQgLS0tLQ0KPiA+ICAxIGZpbGUgY2hhbmdlZCwgNCBkZWxldGlvbnMoLSkN Cj4gPg0KPiA+IGRpZmYgLS1naXQgYS9DcnlwdG9Qa2cvTGlicmFyeS9CYXNlQ3J5cHRMaWIvUGsv Q3J5cHRQa2NzN1ZlcmlmeUVrdS5jDQo+ID4gYi9DcnlwdG9Qa2cvTGlicmFyeS9CYXNlQ3J5cHRM aWIvUGsvQ3J5cHRQa2NzN1ZlcmlmeUVrdS5jDQo+ID4gaW5kZXggYzlmZGI2NWI5OWQxLi40MGNj MzlhZmU3ZGQgMTAwNjQ0DQo+ID4gLS0tIGEvQ3J5cHRvUGtnL0xpYnJhcnkvQmFzZUNyeXB0TGli L1BrL0NyeXB0UGtjczdWZXJpZnlFa3UuYw0KPiA+ICsrKyBiL0NyeXB0b1BrZy9MaWJyYXJ5L0Jh c2VDcnlwdExpYi9Qay9DcnlwdFBrY3M3VmVyaWZ5RWt1LmMNCj4gPiBAQCAtNTA4LDEwICs1MDgs NiBAQCBFeGl0Og0KPiA+ICAgICAgZnJlZSAoU2lnbmVkRGF0YSk7DQo+ID4NCj4gPiAgICB9DQo+ ID4NCj4gPg0KPiA+DQo+ID4gLSAgaWYgKFNpZ25lckNlcnQgIT0gTlVMTCkgew0KPiA+DQo+ID4g LSAgICBYNTA5X2ZyZWUgKFNpZ25lckNlcnQpOw0KPiA+DQo+ID4gLSAgfQ0KPiA+DQo+ID4gLQ0K PiA+DQo+ID4gICAgaWYgKFBrY3M3ICE9IE5VTEwpIHsNCj4gPg0KPiA+ICAgICAgUEtDUzdfZnJl ZSAoUGtjczcpOw0KPiA+DQo+ID4gICAgfQ0KPiA+DQo+ID4gLS0NCj4gPiAyLjI4LjAud2luZG93 cy4xDQo+DQo+DQo+DQo+IA0KPg0KDQoNCg== --_000_MWHPR06MB3102B443AE3A4CECA95ED63AF3FC0MWHPR06MB3102namp_ Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Hi Jiewen,

 

It will be great if you could help me merging in th= is fix. Please let me know if you need anything else from me to have it mer= ged.

 

Thanks,

Kun

 

 

I can help to merge if it is approved.

 

I will add reviewed-by tag when I merge it.

 

Thank you

Yao Jiewen

 

From: Kun Qin <kun.q@outlook.com>
Sent: Sunday, November 22, 2020 3:10 PM
To: gaoliming <gaoliming@byosoft.com.cn>; devel@edk2.groups.i= o; Yao, Jiewen <jiewen.yao@intel.com>
Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xia= oyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
Subject: RE: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: F= ix buffer double free in CryptPkcs7VerifyEku

 

Hi Liming,

 

It will be great if we can get this in. But I have = been having trouble sending a v2 patch that incorporates Jiewen=A1=AFs =A1= =B0Reviewed-by=A1=B1 tag through git command line for the past week (no ot= her changes). It kept giving me an error of "No host provider available to service this request". Please let me know if y= ou have any suggestions.

 

Thanks,

Kun

 

 

From: gaoliming
Sent: Thursday, November 19, 2020 9:39 PM
To: devel@edk2.groups.io; jiewen.yao@intel.com; 'Kun Qin'
Cc: 'Wang, Jian J'; 'Lu, XiaoyuX'; 'Jiang, Guomi= n'
Subject: =BB=D8= = =B8=B4: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix bu= ffer double free in CryptPkcs7VerifyEku

 

Kun:
 This is a bug fix. It passed code review. Do you request to merge it= for
this stable tag 202011?

Thanks
Liming
> -----=D3=CA=BC=FE=D4=AD=BC=FE-----
> =B7=A2=BC=FE=C8=CB: bounce+279= 52+67567+4905953+8761045@groups.io
> <b= ounce+27952+67567+4905953+8761045@groups.io> =B4=FA=B1=ED Yao, Jiewen
> =B7=A2=CB=CD=CA=B1=BC=E4: 2020=C4=EA11=D4=C214=C8=D5 8:32
> =CA=D5=BC=FE=C8=CB: Kun Qin <kun.q@outlook.com>; devel@edk2.groups.io
> =B3=AD=CB=CD: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com&= gt;; Jiang, Guomin <guomin.jia= ng@intel.com>; Yao,
> Jiewen <jiewen.yao@intel.c= om>
> =D6=F7=CC=E2: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg= : BaseCryptLib: Fix buffer
> double free in CryptPkcs7VerifyEku
>
> Sorry, I missed this email.
>
> Reviewed-by: Jiewen Yao <J= iewen.yao@intel.com>
>
>
> > -----Original Message-----
> > From: Kun Qin <kun.q@out= look.com>
> > Sent: Wednesday, October 21, 2020 10:32 AM
> > To: devel@edk2.groups.io=
> > Cc: Wang, Jian J <ji= an.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com= >; Yao, Jiewen <jiewen.ya= o@intel.com>; Jiang,
> > Guomin <guomin.jian= g@intel.com>
> > Subject: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Fix buffer doub= le free
in
> > CryptPkcs7VerifyEku
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2459
> >
> > SignerCert is part of Pkcs7 instance when both have valid conten= t.
OpenSLL
> > PKCS7_free function will release the memory of SignerCert when applicable.
> > Freeing SignerCert with X509_free again might cause page fault i= f use-
> > after-free guard is enabled.
> >
> > Cc: Jian J Wang <jia= n.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyu= x.lu@intel.com>
> > Cc: Jiewen Yao <jiewe= n.yao@intel.com>
> > Cc: Guomin Jiang <g= uomin.jiang@intel.com>
> >
> > Signed-off-by: Kun Qin <= kun.q@outlook.com>
> > ---
> >  CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c | = 4 ----
> >  1 file changed, 4 deletions(-)
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyE= ku.c
> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> > index c9fdb65b99d1..40cc39afe7dd 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c > > @@ -508,10 +508,6 @@ Exit:
> >      free (SignedData);
> >
> >    }
> >
> >
> >
> > -  if (SignerCert !=3D NULL) {
> >
> > -    X509_free (SignerCert);
> >
> > -  }
> >
> > -
> >
> >    if (Pkcs7 !=3D NULL) {
> >
> >      PKCS7_free (Pkcs7);
> >
> >    }
> >
> > --
> > 2.28.0.windows.1
>
>
>
>
>

 

 

--_000_MWHPR06MB3102B443AE3A4CECA95ED63AF3FC0MWHPR06MB3102namp_--