From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+117301+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 0BA7AAC08F8
	for <rebecca@openfw.io>; Tue,  2 Apr 2024 01:11:57 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=VeGX1B8Lrg8YdUcjOHMBWMMg2nJjQIqcaAzWB0EC2LA=;
 c=relaxed/simple; d=groups.io;
 h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding;
 s=20240206; t=1712020316; v=1;
 b=ebi7qT24ZyJIZD9CawdhnafmS1H8ITdJApDGvviF03SwdzcQ0W1fvY4/o6dsitw29ZNO1eJO
 fEvT2Z0iBtwL5naiMXykbuNQd2EEgyVEX3AQnul/KNB18WjhM7zGyr87AWW5oEaIr72sygx2YJX
 3hq3YkrRzvOAJyk/0qMYH6rTsuGKveJRIpZx+fFRjZla4TyZbfiewHgryqTZoUevUQspjldxwdj
 QQ4BlSkcYXqMRXxgzGXY4e+umxnyZwKp2z9Rfy1l0d/kGfZgvNgWy01N9I2mOVMR0bnvQUe+l/e
 TGSw/Mve0qbtJAXzhZgd63BYLNNA8ot1/0S9uC2fFiNQw==
X-Received: by 127.0.0.2 with SMTP id VC0HYY7687511xbWtZAGxEGH; Mon, 01 Apr 2024 18:11:56 -0700
X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.11])
 by mx.groups.io with SMTP id smtpd.web10.1971.1712020315849898863
 for <devel@edk2.groups.io>;
 Mon, 01 Apr 2024 18:11:56 -0700
X-CSE-ConnectionGUID: QuBmn8IbRHCbL92Ut0ce0w==
X-CSE-MsgGUID: aL69vaiWR6CMwXwJDEHZ/Q==
X-IronPort-AV: E=McAfee;i="6600,9927,11031"; a="17787941"
X-IronPort-AV: E=Sophos;i="6.07,173,1708416000"; 
   d="scan'208";a="17787941"
X-Received: from orviesa002.jf.intel.com ([10.64.159.142])
  by fmvoesa105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Apr 2024 18:11:55 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.07,173,1708416000"; 
   d="scan'208";a="48890781"
X-Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83])
  by orviesa002.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 01 Apr 2024 18:11:55 -0700
X-Received: from fmsmsx611.amr.corp.intel.com (10.18.126.91) by
 fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.35; Mon, 1 Apr 2024 18:11:54 -0700
X-Received: from fmsmsx601.amr.corp.intel.com (10.18.126.81) by
 fmsmsx611.amr.corp.intel.com (10.18.126.91) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.35; Mon, 1 Apr 2024 18:11:54 -0700
X-Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by
 fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.35 via Frontend Transport; Mon, 1 Apr 2024 18:11:54 -0700
X-Received: from NAM02-BN1-obe.outbound.protection.outlook.com (104.47.51.40) by
 edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2507.35; Mon, 1 Apr 2024 18:11:54 -0700
X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10)
 by PH7PR11MB5916.namprd11.prod.outlook.com (2603:10b6:510:13d::11) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7452.25; Tue, 2 Apr
 2024 01:11:51 +0000
X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com
 ([fe80::301:5dbd:207b:5578]) by SJ1PR11MB6227.namprd11.prod.outlook.com
 ([fe80::301:5dbd:207b:5578%4]) with mapi id 15.20.7452.019; Tue, 2 Apr 2024
 01:11:51 +0000
From: "Li, Yi" <yi1.li@intel.com>
To: Sountharya N <sountharyan@ami.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: "MANI, SRINIVASAN" <Srinivasanm@ami.com>, Prarthana Sagar V
	<prarthanasv@ami.com>, "Yao, Jiewen" <jiewen.yao@intel.com>, "Hou, Wenxing"
	<wenxing.hou@intel.com>
Subject: Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.
Thread-Topic: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib:
 ASN1_get_object() function return value is not checked properly in
 CryptX509.c.
Thread-Index: AQHaecB8Ol19uFoD80C9AwEL/RX72LFMa8OwgAbt8rCAAOU7AA==
Date: Tue, 2 Apr 2024 01:11:50 +0000
Message-ID: <SJ1PR11MB622724756B062FBA89D555DFC53E2@SJ1PR11MB6227.namprd11.prod.outlook.com>
References: <20240319054335.707-1-sountharyan@ami.com>
 <SJ1PR11MB622766D213E14CB4911085A9C53B2@SJ1PR11MB6227.namprd11.prod.outlook.com>
 <CO1PR10MB4594A2B8482DE7FB3EADF5D4AE3F2@CO1PR10MB4594.namprd10.prod.outlook.com>
In-Reply-To: <CO1PR10MB4594A2B8482DE7FB3EADF5D4AE3F2@CO1PR10MB4594.namprd10.prod.outlook.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|PH7PR11MB5916:EE_
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam-message-info: oaYbYqo2VA99jah3yDdjDIHo1wb7Tw2jHyBNVAFunEgVREiKlFZkgpwEeCM21WXKbe6YtdoAlAeAepjh/yX6jG+KGyiQ4GM+svURUV77rvNN7LV3Yri3V46HHC8M3iClhTRg1vtEFPFR6ZvAPL32MrSLW+N7SKMFp9D41f1W8Rx4U7WjdEvVsTkwPzkdbzQHe0xgECnO9NVE1It5+b+H+UoBpOU2bfHao3ks5AOtgVwMntQ1lboJcbJjsyDV9VvCVVDZDzJGNIDBLUThu1sDm2qyTXj/LASUEU1nX5GFIOZ6vjjqXtDwhZMiu8o4nurkXjdmZ8U7nz1A35wIOlkX4T75Kt20z9udogSe4B9+E+der6RMuWq5jM2KpvEOt4fsx5cn8q5tKYspI2XS8Uqfw3tRx1RZINty6Qjb3+rzbw3Q1l3d181PjzlH0hu5lBh5TkQpp1l6TsrBYOl9SAhZW3oopf2BCRWSSkcN3HbodKdcQ5Xl5odxbBeVZ/bKRqC5Y2QOsCIIi2Ed0fqVCimvtpa1vFnBshIKSyrHVZhhDprReOvizxuB4ROjQ9swLkmbRQKsOpytuibR+X9YIefG3qyqC9vk48mfEGjoehPAWAjkvfQUH4s5mZwblBtcX9go
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?Zfa2nVAdka6GwERKtfEUfPiuUiInyjMntay+DtdD4VAdw93hcrN+USyw1UJt?=
 =?us-ascii?Q?ycKku1pH7XrNLFe1/a22xeQfhcmLgtSJgdBb7imXMglds9pDlmGioVl6M05S?=
 =?us-ascii?Q?ksZZvy7yOch0/oklI3NeSK7W5hlcZ+mdbhB2aZ3ZjxVmO0ZAZv10LPaUVsCz?=
 =?us-ascii?Q?XSM1293y+Ava260x9akfNeZoMoeKxGm3uUlRHnREqnhy6HZirSy67tj8QYTi?=
 =?us-ascii?Q?6xjvgF7neNUEUsduM2nIH/KBaNW5heKrPta053PIkbPimehcBNQumo2PU2fL?=
 =?us-ascii?Q?uaJznsVdK1v4VLJa/leVlgesme97eDMJ7ImTmpj3Uoy7RKINEdfT5SqK1Hd8?=
 =?us-ascii?Q?nCZMo+FJ8TF39CeUNFXikd7Q2ghS/l3kN6PFnTkp+HS8etpoOjG5wc4SXlLY?=
 =?us-ascii?Q?kZR3vg3SV3VDcqRFZM6vwULFSdHIElCttYrj41MHvpgNc7w3GqS9WP8l1ORK?=
 =?us-ascii?Q?bC/jWuWWtUpilwHM+IdNGRKbqsWTZLqJD+bxoJ1lfcSxg250DQ7v2higfV5i?=
 =?us-ascii?Q?914qO38qAEn6UEn4tNXIwS8gn4DujP3Ac0xCk8n+Or6YneAEj1+JMYbkoSum?=
 =?us-ascii?Q?aTyoyQ0uRiq0HFKyxpgZ914+GaxNFTD2niDRiDrdtHxx1kNiFlM+jMHYOgWr?=
 =?us-ascii?Q?L8OcepJzyNiQr2M8PPcZtsZGhkYjJweYBCYNpoZ3rmRcb3vRRgNRcT6mGGSe?=
 =?us-ascii?Q?AHlnmaylGee95l9PMZqY08NamQ7fumZEaxwkrV+iJPz54nBtmeIwsIR6TH+N?=
 =?us-ascii?Q?eUxk9Pv9XoFJAte9H6Dsd+Z+rQ5Y9QuUV8MzedVPK+b81Tw3TToG9mDk5rQ+?=
 =?us-ascii?Q?XxZAdVs7mrEDSmoMDTqwMAKSsclWUsXwk6RxRzQQ64ake7yBxtBEMLyMN5s/?=
 =?us-ascii?Q?jJY0MCI7g/b6xGDhSkZB+kw0Sem2579pO6j7DrxbD2QoK386NlyMZxISBtzP?=
 =?us-ascii?Q?qlstkD+wsa8tPWSHBHEfG1VdvUVNI7RMWD0wGicoktPOE/QeghaMd4H3ckU3?=
 =?us-ascii?Q?aQVmKEu9wu6KJXorgA0EacffR91E3E2Qpq0jzrhyPlVsp8fvu1EmcUAlpxu/?=
 =?us-ascii?Q?AhzRnOkU3kbgFvhXECQW3dbEcC9xabWGwadu73i/addd5RZQYz4WyLXeQ+2L?=
 =?us-ascii?Q?X9nRRt66wDuI2M0snAMGyO1oBBQPlL0DJ7X3V8O07CVNw1jsdSf/N+iPmJ8W?=
 =?us-ascii?Q?c54iHT/jHOrtHRlrvS2+Vu7x1n5Ba6JSIGCeMiXxpgYTfYXUG+PtR0tfMyDd?=
 =?us-ascii?Q?rnKXKb5+PR8DKOgxU9YTWCAJ83IH3Kk0okebInbKrchQ1aXk1pAjONus4zZ/?=
 =?us-ascii?Q?moYaFRu4VMB2mUHZUaf3cE4Lu0jzjKaslfSWpkP4gIk/seanVVhGeE4bQhUj?=
 =?us-ascii?Q?yhIb7Mi9pG57OyCccW8OY5ADjtThyFWuo7OSUuepdBsc2FaqPX0evjemj1UV?=
 =?us-ascii?Q?woFPXDDsYrE9EdepqJgEbBrROawapIp2AYuR0Sma5furK3QjNROolpE+j6YL?=
 =?us-ascii?Q?Zwmvs6Y2MFtDdMpzNA0SDYxpmBwJH/ExyapZpHyvBYIXIZlVEF7/vYN5/ZOI?=
 =?us-ascii?Q?aWJhw81Tmvsk9h8CYJM=3D?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e7b10428-8220-4ae8-9b4b-08dc52b1e08c
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Apr 2024 01:11:50.9747
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: U/AemBC2q52itXucu+nQ/zlcL9m4AObUAynIiQYebL0zzqhSLDEFI4CmF8iyMR4GmXUfYkwRKNLjHElMk0yxiQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB5916
X-OriginatorOrg: intel.com
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Mon, 01 Apr 2024 18:11:56 -0700
Resent-From: yi1.li@intel.com
Reply-To: devel@edk2.groups.io,yi1.li@intel.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: yLOWdBACVqg4DZ0yR8IzKdh1x7686176AA=
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240206 header.b=ebi7qT24;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

Hi,

Please remove 'Reviewed-by: @yi1.li@intel.com' and send V2 patch to devel@e=
dk2.groups.io by send-email.=20

Generate V2 patch:
Add '--subject-prefix=3D"PATCH V2" ' when you format patch:
git format-patch --subject-prefix=3D"PATCH V2" ...

The content of patch looks good to me, will give you my Reviewed-by and pus=
h it after receiving your V2 patch.

Thanks,
Yi

-----Original Message-----
From: Sountharya N <sountharyan@ami.com>=20
Sent: Monday, April 1, 2024 7:23 PM
To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io
Cc: MANI, SRINIVASAN <Srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@=
ami.com>; Yao, Jiewen <jiewen.yao@intel.com>; Hou, Wenxing <wenxing.hou@int=
el.com>
Subject: RE: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_objec=
t() function return value is not checked properly in CryptX509.c.

Hi Yi,

As you suggested, modified the changes and gave PR. Here I have attached th=
e Link for reference.
https://github.com/tianocore/edk2/pull/5507

Thanks,
Sountharya

-----Original Message-----
From: Li, Yi1 <yi1.li@intel.com>
Sent: Thursday, March 28, 2024 7:17 AM
To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com>
Cc: Srinivasan Mani <srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@a=
mi.com>; Yao, Jiewen <jiewen.yao@intel.com>; Hou, Wenxing <wenxing.hou@inte=
l.com>
Subject: [EXTERNAL] RE: [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() =
function return value is not checked properly in CryptX509.c.


**CAUTION: The e-mail below is from an external source. Please exercise cau=
tion before opening attachments, clicking links, or following guidance.**

Hi,

Please follow the correct upstream process to avoid Github CI errors.
https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-gi=
t-guide-for-edk2-contributors-and-maintainers#contributor-workflow
You are missing your Sign-off and Cc maintainers in this patch, And please =
add BZ link to commit message: ''REF: https://bugzilla.tianocore.org/show_b=
ug.cgi?id=3D4509''.

For your code change, '''ASN1_get_object() return error''' or  ''''''ASN1_g=
et_object() success but Asn1Tag !=3D V_ASN1_SEQUENCE ''' both need to be tr=
eated as errors and returned.
So you should use logic or instead of and.

Before you send V2 patch, please create a PR in EDK2 github to test CI: htt=
ps://github.com/tianocore/edk2/pulls

Regards,
Yi

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Sountharya N=
 via groups.io
Sent: Tuesday, March 19, 2024 1:44 PM
To: devel@edk2.groups.io; Sountharya N <sountharyan@ami.com>
Cc: MANI, SRINIVASAN <Srinivasanm@ami.com>; Prarthana Sagar V <prarthanasv@=
ami.com>
Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() fu=
nction return value is not checked properly in CryptX509.c.

Added Inf variable, and the error case returned value was checked properly.
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr=
ary/BaseCryptLib/Pk/CryptX509.c
index 1182323b63..ac05441383 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
   Length =3D 0;

   Inf    =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in=
t *)&ObjClass, (long)CertSize);



-  if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) {

+  if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) {

     return FALSE;

   }



   *TBSCert =3D (UINT8 *)Temp;



-  ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCla=
ss, (long)Length);

+  Inf    =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in=
t *)&ObjClass, (long)Length);

   //

   // Verify the parsed TBSCertificate is one correct SEQUENCE data.

   //

-  if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) {

+  if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) {

     return FALSE;

   }



--
2.35.1.windows.2
-The information contained in this message may be confidential and propriet=
ary to American Megatrends (AMI). This communication is intended to be read=
 only by the individual or entity to whom it is addressed or by their desig=
nee. If the reader of this message is not the intended recipient, you are o=
n notice that any distribution of this message, in any form, is strictly pr=
ohibited. Please promptly notify the sender by reply e-mail or by telephone=
 at 770-246-8600, and then delete or destroy all copies of the transmission=
.





-The information contained in this message may be confidential and propriet=
ary to American Megatrends (AMI). This communication is intended to be read=
 only by the individual or entity to whom it is addressed or by their desig=
nee. If the reader of this message is not the intended recipient, you are o=
n notice that any distribution of this message, in any form, is strictly pr=
ohibited. Please promptly notify the sender by reply e-mail or by telephone=
 at 770-246-8600, and then delete or destroy all copies of the transmission=
.


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117301): https://edk2.groups.io/g/devel/message/117301
Mute This Topic: https://groups.io/mt/105019593/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-