From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id B58AD940890 for ; Wed, 29 Nov 2023 00:32:49 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=9XnSgx2I/7SN1UxRzyzX7hK1tRtXimzacmtiBMKWhBI=; c=relaxed/simple; d=groups.io; h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1701217968; v=1; b=PA3/tv9gSaozn7n2Lkyjj/5dsbDdKTuENoZCaWzajATUdiWOyHS4HBrvoFPzNSnfskXAE+aI j3CAaLy6dEsRB8DIcsbt7H5jHdJeR8180R5FzuZ/h23KmueysAVEm9oKD9U97FoHxaihUTXoC3Z hw6fDkOQ0fxiM6QVmZX1mXIA= X-Received: by 127.0.0.2 with SMTP id ha5YYY7687511xS9Sasm3cIb; Tue, 28 Nov 2023 16:32:48 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web11.15631.1701217967870195026 for ; Tue, 28 Nov 2023 16:32:47 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10908"; a="383452670" X-IronPort-AV: E=Sophos;i="6.04,234,1695711600"; d="scan'208";a="383452670" X-Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Nov 2023 16:32:47 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10908"; a="859610517" X-IronPort-AV: E=Sophos;i="6.04,234,1695711600"; d="scan'208";a="859610517" X-Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by FMSMGA003.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 28 Nov 2023 16:32:46 -0800 X-Received: from fmsmsx602.amr.corp.intel.com (10.18.126.82) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Tue, 28 Nov 2023 16:32:46 -0800 X-Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34 via Frontend Transport; Tue, 28 Nov 2023 16:32:46 -0800 X-Received: from NAM04-BN8-obe.outbound.protection.outlook.com (104.47.74.41) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.34; Tue, 28 Nov 2023 16:32:46 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HZxhOoeiFMMASUIgJl6VqCROdQ5aUTOUX/YD8PIn5Oe3+r61CMqn1Q7Il+TTfwiGIpfzXzjkJVu4TCBOmiTlMy0QsPWfuHTscpENyVDuR9ghGm1ETe4uKZeWBzt9FZcjfFaqeqm+agziFoxPqh4NhQvfpXUzd+dMJWIUUwKw22yU+UmpW+eQEwATGXTSE1RHOMD2i3eVT8dagb+/OfIpmSPiCbFXmLopcDhlYGT2WVIL96gLip7PEfZufoCI77muJwMSNwGyNWWfRe0qUXJj6AiCcIdEdqsZW56R3GZtT/SqNhgudLa29RhQqI2R0gs2ayRAqsPNmr7Z9u8VMKDTag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=91Od6aSLWziLa53V7cN4OYMX5dmm2hRuonWZL0+8wvY=; b=QI2cODMxol1afoFe/aN3eWzGS/lUgnoAkkf93MPWzUFCU4I08u57kNwMiOf7lT4Gac0yBr9dcd3QKLUwC69/4k5j38eKEpPfEY/UxMh9wTy6XPtYiHrv1FqoIK5ANsXphjJurC1RlmO9zQQpwUmjcaC8rZ2OZuwzWkHszY8ZmmzA8lCZoAAWAOcikMzZ0hf5VzLKroSmO6wawppCRdoz13k7lr+GrGob1JTLOPGPQSjqU+STYIePDh8Pq37DVkqp+BmK1RNbb04YmdKTNq8uQYjx2jqHeNo93CVJRFnhVj0bRZBWCVHB5QInSWa0aPwDHzUZ9zLAOoaTP4dkipEo4g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none X-Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15) by CYYPR11MB8308.namprd11.prod.outlook.com (2603:10b6:930:b9::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7025.29; Wed, 29 Nov 2023 00:32:44 +0000 X-Received: from PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::36e:4f3c:b08c:a372]) by PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::36e:4f3c:b08c:a372%7]) with mapi id 15.20.7025.022; Wed, 29 Nov 2023 00:32:43 +0000 From: "Min Xu" To: "Sun, CepingX" , "devel@edk2.groups.io" CC: "Yao, Jiewen" Subject: Re: [edk2-devel] [PATCH V1 1/1] SecurityPkg/DxeTpm2MeasureBootLib: Check the Integer overflow Thread-Topic: [PATCH V1 1/1] SecurityPkg/DxeTpm2MeasureBootLib: Check the Integer overflow Thread-Index: AQHaIMqJyIuwYx3QvUucGCupxTOESrCQdXEQ Date: Wed, 29 Nov 2023 00:32:43 +0000 Message-ID: References: <20231127004101.495-1-cepingx.sun@intel.com> In-Reply-To: <20231127004101.495-1-cepingx.sun@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PH0PR11MB5064:EE_|CYYPR11MB8308:EE_ x-ms-office365-filtering-correlation-id: b6e47826-df44-4034-4eb8-08dbf072b3f9 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: cn5K3zklb7wZqFSAw1LBpiuxDFSwoOUrq6uOQzP6PAC64ag1RRyLRwVJRCo5FK/Nc0bCRgYDb0UGg+OJM/6419VgBuqD4Cag3jW9NPt1iuO3321CSfOOf4xhwijOGtuSgSTKIr17PDhpkyRruAeSjg6b7brA/BGawlR7BajzbsSczpDISbcPszBlwyp8j+hGX5abQMx8I/h/uL/JBbTvjFY0E4+dsxo+kZ8lDHJplj9WE9BvwsU3kIHg6hn6oKOZ+9y3/S0RrGNcZ5sUnSAtJUKpkUp0vbuQ8jU0yM7RBNvgJa/Kg3eUl4w9xqlVVDXno8KDyehSqOM0y4rgdNIDU+L2Vex0B6H4llpUeUpaIPhMD7YXmH699j4YCUi3ciHR8MNg28XWXJR3t4buJwLYgx3S9zmTAtyAM913Djg0RvRUhmbHVSJdaFwm7IGg0NT1ZBfRIDZHhNIWje/4HjJxrvOx5xmt+V6XIZL7PYwb294py60H5yP5mfezCOfYrCctOR4m4GCY05jEGjhaypdjM+tP4gS8zkpGoRRdcsJ08C8/aCt2krsiA0zKtnWBCv66WLzJTucXOe7j8mMSAcBHQVQxdlI3jdl0EoF58nekYSQ= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?HwrRfm2tP8NP5q5av4OEoygR84Dd7S0bLeGKC/14OmaJsEj3cDz/jDvGKDd9?= =?us-ascii?Q?KYHkuk8NYQHxDOCdsxE8Vr6p0ydgEMi5/KbaQ2FpRe/tiGDnWabU2c01r2Uh?= =?us-ascii?Q?mfQUUa+9V+CCBMUM3d0s5U+E5fu4oeZfZ/kPjhQ7nnc9u558wjx7ui9nwbE/?= =?us-ascii?Q?MAW1bLDWkN6XGCICY7UpqgW8ty2UjfaaOmTrsRlNQAxaVnBz2e7cSG1p1shZ?= =?us-ascii?Q?zqVpNnWxE2IzO8ppTfUGuZykOY2Ciy99lvXkFPtqxeI2mc0ICDZsLzxmZ7eZ?= =?us-ascii?Q?EcoT4LTiSej7MoOqwn0MKfN1HVjIqanEh1y+Gzl+avTkkMez9y/JXBPLlsEW?= =?us-ascii?Q?TI+lJ45ONN1MJvEh0JLElkw4jLP0DGlfQQo2Ae3iJmjKpgNKbdzWipooprkt?= =?us-ascii?Q?Yzn2spB7cTKpwTEPpGQMKofzNfca0GsNzU/eTLY0zHzhlOprXy7AVmbFAhcR?= =?us-ascii?Q?pb0Xf676jcO2MI8lwpCuy53oD2+BcEPQYAwP5wRnKfj5EKguuGA0p+lhWi5+?= =?us-ascii?Q?dAIqqOPyauYi2z6kSLHTooQY7t905FBCt0ag2y6S8AYwOuodHWAiP6ZBE5f9?= =?us-ascii?Q?JBpVZ/wg7LwJAk93bHcWDUi59oRvB82osEIUi3HdEtrXCQampENMnzasRCsA?= =?us-ascii?Q?31vSEgiiiYp2xe/eiVC9GM96Plzw0vOV+AR3QgKF8gZjvQR0S+oTlLsfZ+Q8?= =?us-ascii?Q?PWJNoZKuMTWNqNeoeRbJdoFT/AY3lfBH445GqjUZ3+jKFcGElP0027AWr/QA?= =?us-ascii?Q?LjAePmALOllOcW7nt0BcsuYzN8W0ftm06Hx/L6eyAo89NGGOYLEU2+LULbtp?= =?us-ascii?Q?Ln4CJf0yG5Kwv7phGMpbX5ZrT9jpjdfA5O+tTGFuqGDDzyeYL3JMbAk7DSOg?= =?us-ascii?Q?6EYQt4v+Mvu3gjm6+vfdYtUyoroZgGgDRRzle30lCpkIprvlZDPpEuf5I3Q+?= =?us-ascii?Q?iAeKcgAhStqOTQTC1CHbs5E1HDVo7dVbvsvqnKo0cyHlB9odph1mWNDsaesY?= =?us-ascii?Q?vzHxFXV3jPJi1gZmCldu18XBn7wr+BZU2tzlziSZT6H9xzI39KAo71GGuHDF?= =?us-ascii?Q?y8RMp7RmpzqefAMvn4l7hnwo6E2urxpAzGUqNOW8VbPPI+S9ZNArM0IDj5xI?= =?us-ascii?Q?mGP8/1bq9cmMZ3BjHkEBzVM0fq08CbIgD0Vl246HN8CkV4y2mKoCuRdANfCJ?= =?us-ascii?Q?nR/3UkhFtR7Vg/14/hyjl5qwTEyoPgT8ALhkukuFxI7IMbD+SF3UmhJzvtka?= =?us-ascii?Q?BK3giT7XwoXfAOZ/yHI+kvFgl9wxDEPKl0TL0tq0imW6efR/mhf/EU3MUuj3?= =?us-ascii?Q?iDxmAbX5NZm1NBzR63V66X8k1N00fHFXpM4TGrWJhOlvq/+obl9SXCG6Ib83?= =?us-ascii?Q?Chw8VvDGImpSgErAFXRWX1r5XmnJebxlrKhasa1hQj7IDlpRENgLuHJ3VSa3?= =?us-ascii?Q?W9UU22y+W+A6Hl2yqBmthh1baL2uAnRCAfm6ooov1vNBq+BgCVeEwCuP4jw8?= =?us-ascii?Q?qSTR7ILP5RnYx5j1FaaSViSawFVeYme1eqUlLTKi+c+xjH8QPpqa4JnuDH1z?= =?us-ascii?Q?nwmMAhkvxAbvYB1waUgRl+3zizEA1j2rNDw2Lm9y?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: b6e47826-df44-4034-4eb8-08dbf072b3f9 X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Nov 2023 00:32:43.8932 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: BuGS0iXpnox064sjxRLCSVYq+4CTR7SIh/4mXFWxoNpYggorEylUkmfk6Fzlok1ENyhdnm1Efo21buweRl6OLA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYYPR11MB8308 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,min.m.xu@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: KeqnUcPsYFJpVgWdd8iDd62cx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b="PA3/tv9g"; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Reviewed-by: Min Xu > -----Original Message----- > From: Sun, CepingX > Sent: Monday, November 27, 2023 8:41 AM > To: devel@edk2.groups.io > Cc: Sun, CepingX ; Yao, Jiewen > ; Xu, Min M > Subject: [PATCH V1 1/1] SecurityPkg/DxeTpm2MeasureBootLib: Check the > Integer overflow >=20 > From: Ceping Sun >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4604 >=20 > Fields of NumberOfPartitionEntries and SizeOfPartitionEntry in PrimaryHea= der > are both UINT32. UINT32 * UINT32 produce UINT32 but it may overflow. So > The result should be checked if it is overflow. >=20 > Cc: Jiewen Yao > Signed-off-by: Min Xu > Signed-off-by: Ceping Sun > --- > .../Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c | 5 +++++ > 1 file changed, 5 insertions(+) >=20 > diff --git > a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c > b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c > index 36a256a7af50..1f891ae7f216 100644 > --- > a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c > +++ > b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c > @@ -210,6 +210,11 @@ Tcg2MeasureGptTable ( > return EFI_BAD_BUFFER_SIZE; > } >=20 > + if (PrimaryHeader->NumberOfPartitionEntries > MAX_UINT32 / > PrimaryHeader->SizeOfPartitionEntry) { > + DEBUG ((DEBUG_ERROR, "Overflow of PrimaryHeader- > >NumberOfPartitionEntries(%d) * PrimaryHeader- > >SizeOfPartitionEntry(%d)\n", PrimaryHeader->NumberOfPartitionEntries, > PrimaryHeader->SizeOfPartitionEntry)); > + return EFI_INVALID_PARAMETER; > + } > + > // > // Read the partition entry. > // > -- > 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#111831): https://edk2.groups.io/g/devel/message/111831 Mute This Topic: https://groups.io/mt/102820849/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-