[PATCH V3] NetworkPkg: Correct the length of EAP Identity when in ASCII format

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

* [PATCH V3] NetworkPkg: Correct the length of EAP Identity when in ASCII format
@ 2023-06-26  5:40 Li, Yi
  2023-06-27 21:46 ` Clark-williams, Zachary
  0 siblings, 1 reply; 4+ messages in thread
From: Li, Yi @ 2023-06-26  5:40 UTC (permalink / raw)
  To: devel; +Cc: Yi Li, Maciej Rabeda, Zachary Clark-Williams

FIX: https://bugzilla.tianocore.org/show_bug.cgi?id=4477

Tls connection fail over WiFi in AMT OCR flow due to invalid identity.

This was due to missing conversion between unicode and ascii
string which resulted in invalid strlen.

Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Zachary Clark-Williams <zachary.clark-williams@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
---
 .../WifiConnectionMgrImpl.c                   | 21 +++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
index 2e596c1981..d1182e52bd 100644
--- a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
+++ b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
@@ -572,15 +572,28 @@ WifiMgrConfigEap (
   // Set Identity to Eap peer, Mandatory field for PEAP and TTLS
   //
   if (StrLen (Profile->EapIdentity) > 0) {
-    IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) + 1);
-    Identity     = AllocateZeroPool (IdentitySize);
+    Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid, NULL, (VOID **)&WiFiProfileSyncProtocol);
+    if (!EFI_ERROR (Status)) {
+      //
+      // Max size of EapIdentity ::= sizeof (CHAR16) * sizeof (Profile->EapIdentity) ::= 2 * EAP_IDENTITY_SIZE
+      //
+      IdentitySize = sizeof (CHAR8) * (AsciiStrnLenS ((CHAR8 *)Profile->EapIdentity, sizeof (CHAR16) * sizeof (Profile->EapIdentity)) + 1);
+    } else {
+      IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) + 1);
+    }
+
+    Identity = AllocateZeroPool (IdentitySize);
     if (Identity == NULL) {
       return EFI_OUT_OF_RESOURCES;
     }
 
-    Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid, NULL, (VOID **)&WiFiProfileSyncProtocol);
     if (!EFI_ERROR (Status)) {
-      CopyMem (Identity, &Profile->EapIdentity, IdentitySize);
+      //
+      // The size of Identity from Username may equal
+      // to the max size of EapIdentity(EAP_IDENTITY_SIZE*2=128 bytes),
+      // so here only valid characters except NULL characters are copied.
+      //
+      CopyMem (Identity, &Profile->EapIdentity, IdentitySize - 1);
     } else {
       UnicodeStrToAsciiStrS (Profile->EapIdentity, Identity, IdentitySize);
     }
-- 
2.31.1.windows.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH V3] NetworkPkg: Correct the length of EAP Identity when in ASCII format
  2023-06-26  5:40 [PATCH V3] NetworkPkg: Correct the length of EAP Identity when in ASCII format Li, Yi
@ 2023-06-27 21:46 ` Clark-williams, Zachary
  2023-06-28  0:49   ` Michael D Kinney
  0 siblings, 1 reply; 4+ messages in thread
From: Clark-williams, Zachary @ 2023-06-27 21:46 UTC (permalink / raw)
  To: Li, Yi1, devel@edk2.groups.io, Kinney, Michael D, Andrew Fish,
	Leif Lindholm
  Cc: Maciej Rabeda

Reviewed-by: Zachary Clark-Williams <Zachary.Clark-Williams@intel.com>

Hey Michael, 
Can you help with this change merge?

Thanks,
Zack


-----Original Message-----
From: Li, Yi1 <yi1.li@intel.com> 
Sent: Sunday, June 25, 2023 10:41 PM
To: devel@edk2.groups.io
Cc: Li, Yi1 <yi1.li@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>; Clark-williams, Zachary <zachary.clark-williams@intel.com>
Subject: [PATCH V3] NetworkPkg: Correct the length of EAP Identity when in ASCII format

FIX: https://bugzilla.tianocore.org/show_bug.cgi?id=4477

Tls connection fail over WiFi in AMT OCR flow due to invalid identity.

This was due to missing conversion between unicode and ascii string which resulted in invalid strlen.

Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Zachary Clark-Williams <zachary.clark-williams@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
---
 .../WifiConnectionMgrImpl.c                   | 21 +++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
index 2e596c1981..d1182e52bd 100644
--- a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
+++ b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
@@ -572,15 +572,28 @@ WifiMgrConfigEap (
   // Set Identity to Eap peer, Mandatory field for PEAP and TTLS
   //
   if (StrLen (Profile->EapIdentity) > 0) {
-    IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) + 1);
-    Identity     = AllocateZeroPool (IdentitySize);
+    Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid, NULL, (VOID **)&WiFiProfileSyncProtocol);
+    if (!EFI_ERROR (Status)) {
+      //
+      // Max size of EapIdentity ::= sizeof (CHAR16) * sizeof (Profile->EapIdentity) ::= 2 * EAP_IDENTITY_SIZE
+      //
+      IdentitySize = sizeof (CHAR8) * (AsciiStrnLenS ((CHAR8 *)Profile->EapIdentity, sizeof (CHAR16) * sizeof (Profile->EapIdentity)) + 1);
+    } else {
+      IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) + 1);
+    }
+
+    Identity = AllocateZeroPool (IdentitySize);
     if (Identity == NULL) {
       return EFI_OUT_OF_RESOURCES;
     }
 
-    Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid, NULL, (VOID **)&WiFiProfileSyncProtocol);
     if (!EFI_ERROR (Status)) {
-      CopyMem (Identity, &Profile->EapIdentity, IdentitySize);
+      //
+      // The size of Identity from Username may equal
+      // to the max size of EapIdentity(EAP_IDENTITY_SIZE*2=128 bytes),
+      // so here only valid characters except NULL characters are copied.
+      //
+      CopyMem (Identity, &Profile->EapIdentity, IdentitySize - 1);
     } else {
       UnicodeStrToAsciiStrS (Profile->EapIdentity, Identity, IdentitySize);
     }
--
2.31.1.windows.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH V3] NetworkPkg: Correct the length of EAP Identity when in ASCII format
  2023-06-27 21:46 ` Clark-williams, Zachary
@ 2023-06-28  0:49   ` Michael D Kinney
  2023-06-28  3:52     ` Michael D Kinney
  0 siblings, 1 reply; 4+ messages in thread
From: Michael D Kinney @ 2023-06-28  0:49 UTC (permalink / raw)
  To: Clark-williams, Zachary, Li, Yi1, devel@edk2.groups.io,
	Andrew Fish, Leif Lindholm
  Cc: Maciej Rabeda, Kinney, Michael D

Working on it:

https://github.com/tianocore/edk2/pull/4584


> -----Original Message-----
> From: Clark-williams, Zachary <zachary.clark-williams@intel.com>
> Sent: Tuesday, June 27, 2023 2:46 PM
> To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io; Kinney, Michael D
> <michael.d.kinney@intel.com>; Andrew Fish <afish@apple.com>; Leif Lindholm
> <quic_llindhol@quicinc.com>
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> Subject: RE: [PATCH V3] NetworkPkg: Correct the length of EAP Identity when
> in ASCII format
> 
> Reviewed-by: Zachary Clark-Williams <Zachary.Clark-Williams@intel.com>
> 
> Hey Michael,
> Can you help with this change merge?
> 
> Thanks,
> Zack
> 
> 
> -----Original Message-----
> From: Li, Yi1 <yi1.li@intel.com>
> Sent: Sunday, June 25, 2023 10:41 PM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>; Maciej Rabeda
> <maciej.rabeda@linux.intel.com>; Clark-williams, Zachary <zachary.clark-
> williams@intel.com>
> Subject: [PATCH V3] NetworkPkg: Correct the length of EAP Identity when in
> ASCII format
> 
> FIX: https://bugzilla.tianocore.org/show_bug.cgi?id=4477
> 
> Tls connection fail over WiFi in AMT OCR flow due to invalid identity.
> 
> This was due to missing conversion between unicode and ascii string which
> resulted in invalid strlen.
> 
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> Cc: Zachary Clark-Williams <zachary.clark-williams@intel.com>
> Signed-off-by: Yi Li <yi1.li@intel.com>
> ---
>  .../WifiConnectionMgrImpl.c                   | 21 +++++++++++++++----
>  1 file changed, 17 insertions(+), 4 deletions(-)
> 
> diff --git a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
> b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
> index 2e596c1981..d1182e52bd 100644
> --- a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
> +++ b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
> @@ -572,15 +572,28 @@ WifiMgrConfigEap (
>    // Set Identity to Eap peer, Mandatory field for PEAP and TTLS
>    //
>    if (StrLen (Profile->EapIdentity) > 0) {
> -    IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) + 1);
> -    Identity     = AllocateZeroPool (IdentitySize);
> +    Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid,
> NULL, (VOID **)&WiFiProfileSyncProtocol);
> +    if (!EFI_ERROR (Status)) {
> +      //
> +      // Max size of EapIdentity ::= sizeof (CHAR16) * sizeof (Profile-
> >EapIdentity) ::= 2 * EAP_IDENTITY_SIZE
> +      //
> +      IdentitySize = sizeof (CHAR8) * (AsciiStrnLenS ((CHAR8 *)Profile-
> >EapIdentity, sizeof (CHAR16) * sizeof (Profile->EapIdentity)) + 1);
> +    } else {
> +      IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) + 1);
> +    }
> +
> +    Identity = AllocateZeroPool (IdentitySize);
>      if (Identity == NULL) {
>        return EFI_OUT_OF_RESOURCES;
>      }
> 
> -    Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid,
> NULL, (VOID **)&WiFiProfileSyncProtocol);
>      if (!EFI_ERROR (Status)) {
> -      CopyMem (Identity, &Profile->EapIdentity, IdentitySize);
> +      //
> +      // The size of Identity from Username may equal
> +      // to the max size of EapIdentity(EAP_IDENTITY_SIZE*2=128 bytes),
> +      // so here only valid characters except NULL characters are copied.
> +      //
> +      CopyMem (Identity, &Profile->EapIdentity, IdentitySize - 1);
>      } else {
>        UnicodeStrToAsciiStrS (Profile->EapIdentity, Identity,
> IdentitySize);
>      }
> --
> 2.31.1.windows.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH V3] NetworkPkg: Correct the length of EAP Identity when in ASCII format
  2023-06-28  0:49   ` Michael D Kinney
@ 2023-06-28  3:52     ` Michael D Kinney
  0 siblings, 0 replies; 4+ messages in thread
From: Michael D Kinney @ 2023-06-28  3:52 UTC (permalink / raw)
  To: Clark-williams, Zachary, Li, Yi1, devel@edk2.groups.io,
	Andrew Fish, Leif Lindholm
  Cc: Maciej Rabeda, Kinney, Michael D

Merged: https://github.com/tianocore/edk2/pull/4584

> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Tuesday, June 27, 2023 5:50 PM
> To: Clark-williams, Zachary <zachary.clark-williams@intel.com>; Li, Yi1
> <yi1.li@intel.com>; devel@edk2.groups.io; Andrew Fish <afish@apple.com>;
> Leif Lindholm <quic_llindhol@quicinc.com>
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Subject: RE: [PATCH V3] NetworkPkg: Correct the length of EAP Identity when
> in ASCII format
> 
> Working on it:
> 
> https://github.com/tianocore/edk2/pull/4584
> 
> 
> > -----Original Message-----
> > From: Clark-williams, Zachary <zachary.clark-williams@intel.com>
> > Sent: Tuesday, June 27, 2023 2:46 PM
> > To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Andrew Fish <afish@apple.com>; Leif
> Lindholm
> > <quic_llindhol@quicinc.com>
> > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > Subject: RE: [PATCH V3] NetworkPkg: Correct the length of EAP Identity
> when
> > in ASCII format
> >
> > Reviewed-by: Zachary Clark-Williams <Zachary.Clark-Williams@intel.com>
> >
> > Hey Michael,
> > Can you help with this change merge?
> >
> > Thanks,
> > Zack
> >
> >
> > -----Original Message-----
> > From: Li, Yi1 <yi1.li@intel.com>
> > Sent: Sunday, June 25, 2023 10:41 PM
> > To: devel@edk2.groups.io
> > Cc: Li, Yi1 <yi1.li@intel.com>; Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>; Clark-williams, Zachary <zachary.clark-
> > williams@intel.com>
> > Subject: [PATCH V3] NetworkPkg: Correct the length of EAP Identity when
> in
> > ASCII format
> >
> > FIX: https://bugzilla.tianocore.org/show_bug.cgi?id=4477
> >
> > Tls connection fail over WiFi in AMT OCR flow due to invalid identity.
> >
> > This was due to missing conversion between unicode and ascii string which
> > resulted in invalid strlen.
> >
> > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > Cc: Zachary Clark-Williams <zachary.clark-williams@intel.com>
> > Signed-off-by: Yi Li <yi1.li@intel.com>
> > ---
> >  .../WifiConnectionMgrImpl.c                   | 21 +++++++++++++++----
> >  1 file changed, 17 insertions(+), 4 deletions(-)
> >
> > diff --git a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
> > b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
> > index 2e596c1981..d1182e52bd 100644
> > --- a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
> > +++ b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
> > @@ -572,15 +572,28 @@ WifiMgrConfigEap (
> >    // Set Identity to Eap peer, Mandatory field for PEAP and TTLS
> >    //
> >    if (StrLen (Profile->EapIdentity) > 0) {
> > -    IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) + 1);
> > -    Identity     = AllocateZeroPool (IdentitySize);
> > +    Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid,
> > NULL, (VOID **)&WiFiProfileSyncProtocol);
> > +    if (!EFI_ERROR (Status)) {
> > +      //
> > +      // Max size of EapIdentity ::= sizeof (CHAR16) * sizeof (Profile-
> > >EapIdentity) ::= 2 * EAP_IDENTITY_SIZE
> > +      //
> > +      IdentitySize = sizeof (CHAR8) * (AsciiStrnLenS ((CHAR8 *)Profile-
> > >EapIdentity, sizeof (CHAR16) * sizeof (Profile->EapIdentity)) + 1);
> > +    } else {
> > +      IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) +
> 1);
> > +    }
> > +
> > +    Identity = AllocateZeroPool (IdentitySize);
> >      if (Identity == NULL) {
> >        return EFI_OUT_OF_RESOURCES;
> >      }
> >
> > -    Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid,
> > NULL, (VOID **)&WiFiProfileSyncProtocol);
> >      if (!EFI_ERROR (Status)) {
> > -      CopyMem (Identity, &Profile->EapIdentity, IdentitySize);
> > +      //
> > +      // The size of Identity from Username may equal
> > +      // to the max size of EapIdentity(EAP_IDENTITY_SIZE*2=128 bytes),
> > +      // so here only valid characters except NULL characters are
> copied.
> > +      //
> > +      CopyMem (Identity, &Profile->EapIdentity, IdentitySize - 1);
> >      } else {
> >        UnicodeStrToAsciiStrS (Profile->EapIdentity, Identity,
> > IdentitySize);
> >      }
> > --
> > 2.31.1.windows.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2023-06-28  3:53 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-06-26  5:40 [PATCH V3] NetworkPkg: Correct the length of EAP Identity when in ASCII format Li, Yi
2023-06-27 21:46 ` Clark-williams, Zachary
2023-06-28  0:49   ` Michael D Kinney
2023-06-28  3:52     ` Michael D Kinney

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox