From: "Li, Yi"
To: "devel@edk2.groups.io", "sountharyan@ami.com"
CC: "MANI, SRINIVASAN", Prarthana Sagar V, "Yao, Jiewen", "Hou, Wenxing"
Subject: Re: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.
Date: Thu, 28 Mar 2024 01:46:34 +0000
In-Reply-To: <20240319054335.707-1-sountharyan@ami.com>

Hi,

Please follow the correct upstream process to avoid GitHub CI errors.
https://github.com/tianocore/tianocore.github.io/wiki/Laszlo%27s-unkempt-git-guide-for-edk2-contributors-and-maintainers#contributor-workflow

You are missing your Sign-off and Cc maintainers in this patch,
and please add the BZ link to the commit message: 'REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509'.

For your code change, 'ASN1_get_object() return error' or 'ASN1_get_object() success but Asn1Tag != V_ASN1_SEQUENCE' both need to be treated as errors and returned.
So you should use logical OR instead of AND.

Before you send the V2 patch, please create a PR in EDK2 GitHub to test CI: https://github.com/tianocore/edk2/pulls

Regards,
Yi

-----Original Message-----
From: devel@edk2.groups.io On Behalf Of Sountharya N via groups.io
Sent: Tuesday, March 19, 2024 1:44 PM
To: devel@edk2.groups.io; Sountharya N
Cc: MANI, SRINIVASAN ; Prarthana Sagar V
Subject: [edk2-devel] [PATCH] CryptoPkg: BaseCryptLib: ASN1_get_object() function return value is not checked properly in CryptX509.c.

Added Inf variable, and the error case returned value was checked properly.

--- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr= ary/BaseCryptLib/Pk/CryptX509.c index 1182323b63..ac05441383 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert ( Length =3D 0; Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert =3D (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCla= ss, (long)Length); + Inf =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in= t *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) =3D=3D 0x80) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) { return FALSE; } -- 2.35.1.windows.2
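
Review bot: Both changed conditions still join the two tests with &&, so `((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)` returns FALSE only when the call reports an error (bit 0x80 of Inf set, per the patched test) and the tag is also not a SEQUENCE. A call that succeeds with a different tag, which the removed `== 0x00` line did reject, now falls through, and so does a failed call where Asn1Tag equals V_ASN1_SEQUENCE (for the second check, Asn1Tag is the same variable that was passed to the first call). Either condition alone should fail the function, for example `if (((Inf & 0x80) != 0) || (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; }` at both sites. Separately, `*TBSCert = (UINT8 *)Temp;` is assigned before the second check, so the output pointer is written even when that check returns FALSE; consider moving the assignment after validation.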
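
The difference between the patch's AND condition and the OR condition requested in the reply, as an added example that is not part of the original message or of EDK2. `read_header` is a hypothetical, simplified DER header reader standing in for ASN1_get_object(), and the byte arrays are constructed samples.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TAG_SEQUENCE 16   /* universal tag number of SEQUENCE */
#define PARSE_ERROR  0x80 /* error bit, mirroring the (Inf & 0x80) test */

/* Constructed sample inputs. */
const uint8_t kValidSeq[]  = { 0x30, 0x03, 0x02, 0x01, 0x05 }; /* SEQUENCE { INTEGER 5 } */
const uint8_t kInteger[]   = { 0x02, 0x01, 0x05 };             /* INTEGER 5, not a SEQUENCE */
const uint8_t kTruncated[] = { 0x30, 0x82, 0x01 };             /* length field cut short */

/* Hypothetical, simplified DER header reader (not OpenSSL code): returns
 * PARSE_ERROR for a truncated header or a length that overruns the buffer,
 * and leaves *tag untouched in that case. */
static int read_header(const uint8_t *buf, size_t size, int *tag, size_t *len)
{
    size_t pos = 2, n, count;
    if (size < 2) return PARSE_ERROR;
    n = buf[1];
    if (n & 0x80) {                     /* long form: next 1..2 bytes hold the length */
        count = n & 0x7f;
        if (count == 0 || count > 2 || size < 2 + count) return PARSE_ERROR;
        for (n = 0; count > 0; count--) n = (n << 8) | buf[pos++];
    }
    if (n > size - pos) return PARSE_ERROR;
    *tag = buf[0] & 0x1f;
    *len = n;
    return 0;
}

/* Returns 1 if the input is accepted. use_or = 0 applies the patch's
 * condition (error AND wrong tag), use_or = 1 the reply's (error OR wrong tag). */
int accepted(const uint8_t *buf, size_t size, int use_or)
{
    int tag = TAG_SEQUENCE; /* assumption: stale value left by an earlier successful call */
    size_t len = 0;
    int err = (read_header(buf, size, &tag, &len) & 0x80) == 0x80;
    int bad_tag = (tag != TAG_SEQUENCE);
    return use_or ? !(err || bad_tag) : !(err && bad_tag);
}

int main(void)
{
    printf("input      AND OR\n");
    printf("valid      %d   %d\n", accepted(kValidSeq, sizeof kValidSeq, 0), accepted(kValidSeq, sizeof kValidSeq, 1));
    printf("integer    %d   %d\n", accepted(kInteger, sizeof kInteger, 0), accepted(kInteger, sizeof kInteger, 1));
    printf("truncated  %d   %d\n", accepted(kTruncated, sizeof kTruncated, 0), accepted(kTruncated, sizeof kTruncated, 1));
    return 0;
}
```

With the AND condition both malformed inputs are accepted; with OR only the well-formed SEQUENCE passes.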