From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43])
 by mx.groups.io with SMTP id smtpd.web10.15613.1664098792963301206
 for <devel@edk2.groups.io>;
 Sun, 25 Sep 2022 02:39:53 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=c+THMVQU;
 spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: yi1.li@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1664098792; x=1695634792;
  h=from:to:cc:subject:date:message-id:references:
   in-reply-to:content-transfer-encoding:mime-version;
  bh=pTOtfFSaiXawz6Bggbwb024HTzv2WSBrg6bPnSSVTKg=;
  b=c+THMVQUlQ6BtvuRDne7DvgGlG+CNEFNX3EGmqI9cv+CA18lyaWpZcuy
   rcnuqLw+ghwJB6T4t0/jxFQ0wTV7aUOX65ZI0FknGut2bI2hBAGaVIRqT
   GO091tACFh9QRdkTElAwzzL4fPWCa50ukOomtRqLiZk/sU+9mp+eg8Dyb
   AM5tqm4IxR25H67yOrDr6rpwfY8L9JXoAceq8ElabZt2m1C/Fp0eUlGxx
   CetPRcwEeZxY076sLTVQ+e22z9GF2OadwbMIzfu3o8mxJI1fsaf5cC/St
   Bv8CRLdU/G9jMOUoqQ/GxE6yEPvgNjhdVkfNJYtirlNCVQZKNUdb3u22E
   g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10480"; a="387137752"
X-IronPort-AV: E=Sophos;i="5.93,344,1654585200"; 
   d="scan'208";a="387137752"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Sep 2022 02:39:52 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.93,344,1654585200"; 
   d="scan'208";a="865796392"
Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82])
  by fmsmga006.fm.intel.com with ESMTP; 25 Sep 2022 02:39:52 -0700
Received: from fmsmsx608.amr.corp.intel.com (10.18.126.88) by
 fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2375.31; Sun, 25 Sep 2022 02:39:51 -0700
Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by
 fmsmsx608.amr.corp.intel.com (10.18.126.88) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2375.31 via Frontend Transport; Sun, 25 Sep 2022 02:39:51 -0700
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.168)
 by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2375.31; Sun, 25 Sep 2022 02:39:51 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Cz6/oSYJA90bhIA+y/k09qRPy+lbniib7Xn9paRrCacsIaqc2+ztDERKfYstVt7TDbJHPD+NNINKP49Ql/Qls55m/Q+4JdvHwsHfBqtgf4qgYfDXoy82LnBNjcTEyssuUs3AXb8usGEuEvmIYDtoKc4wnDrTBs3YF9sqnZXlb6HgOD0Z6ZRB5net1SO0uP8NewTUeZOW/W0AxE+OzHAEf5uxzZfMYhQMEcaQmtAWsch7cWzV/oEBPWy6xhBQGZ1OaDNXO5AP2QrvYDZwU/JhSlII6mGUvwfl+HwSQaCj6t2QTwlP0chqtb/d+K8Nf9TRvwRdY6DOOxp1ZsaaHJv/0g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=p3dMuwykEglTTU8Gqr2z9w9EIXR0l59eqju5U2E5tZ4=;
 b=O47IoyEsvz3aXPmPmRQwosl14jUnOufMiF0LJINO0aF4wQgDqVeffyd0MzS6mehRNk88IWVgvFTf4ufmVBzhw1y//1y4AZVhJyj4WdRKwMU+ZyAy0+bg/QcFUrOcvHh3p2IA+dVmDd+Wa0kPeVRU3YSBNyhQ2jIbttlmISneBiDEh2BNUPyA0Yv4PHCcMvopI++acY/F+ZRBjsvtrawnJqL1Ov31i/RUNmaA7v8Y0+QTMWTPqFoG4Lk5PUt1x3uOc58zl/f+cRxcfSa177K3sHU0kGMPVFbyZrp31kKuMmybmqffkcKT9j127XQnqszcXDoMpiVHkZPlI9cnX26O6Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10)
 by PH0PR11MB5014.namprd11.prod.outlook.com (2603:10b6:510:31::17) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5654.24; Sun, 25 Sep
 2022 09:39:49 +0000
Received: from SJ1PR11MB6227.namprd11.prod.outlook.com
 ([fe80::bd4b:a704:7db6:70d4]) by SJ1PR11MB6227.namprd11.prod.outlook.com
 ([fe80::bd4b:a704:7db6:70d4%7]) with mapi id 15.20.5654.020; Sun, 25 Sep 2022
 09:39:48 +0000
From: "yi1 li" <yi1.li@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "Li, Yi1"
	<yi1.li@intel.com>, "Yao, Jiewen" <jiewen.yao@intel.com>
CC: "Wang, Jian J" <jian.j.wang@intel.com>, "Lu, Xiaoyu1"
	<xiaoyu1.lu@intel.com>, "Jiang, Guomin" <guomin.jiang@intel.com>
Subject: Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix pem heap-buffer-overflow due to BIO_snprintf()
Thread-Topic: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix pem heap-buffer-overflow
 due to BIO_snprintf()
Thread-Index: AQHYzoJbcTlrL1q9hkOE7kEK2OR3cq3v5TqQ
Date: Sun, 25 Sep 2022 09:39:48 +0000
Message-ID: <SJ1PR11MB6227E69381ECEA8C83948C43C5539@SJ1PR11MB6227.namprd11.prod.outlook.com>
References: <cover.1663837631.git.yi1.li@intel.com>
 <17172FDE2E57E722.30869@groups.io>
In-Reply-To: <17172FDE2E57E722.30869@groups.io>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|PH0PR11MB5014:EE_
x-ms-office365-filtering-correlation-id: c7d84c63-35fa-456a-e0b0-08da9ed9e372
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Btutv3YAkQT9gxP9UZX+AtzdacLsBE/pgjMneOtZq3lRhb+gxL5SIjo/zbt0NdVqZGDFAS5VZG2M0+WF422QkuK6iW4TgSXFIRN9iCyCPC7fXxSHBuSoG7C/3wj2FeOppA42mRq7IjXoxNa9TsEIE66Kx7DWrTvls8W+lX8jOoego6uYagiEV4nOkqC2vo3qz5f2gnE6Qwa8gSkqCAiAo45fvjYR0jDxuwgFNKvA+FWImMASKv5zYgCFPFBswaVHUcYO2dUL2rSy085DE03Qg43o7QiaoIsuh3axlp5ejkyyLhyK+e/3BNQjfg9twa8VSwoBhMi1VFBXpsZwe4siGsBiE1ZHapr9n7gLAYWI3AkmomFfyRrG4aJ8Q1ENl5Ohuga9OPhWkaLb9pLh2cQhjrj2GFrvvZrVsAdE5W6p49M8KaN4tOkSJVmk9vJnLJ5o9TWhne+fYyvjng9ccN3DV32CZ8GRQWZP16EqLJx5rLIkzlBRt3FwEk/FoCyr+fEh+/ZRSz26DuetNSgAv7TYIccFOAQRiBEUznck9gXHuIRU7K+zKel43QRPkvpEfMc6xkS2R4i/jzbk+tACC0kvZLGyAiLN/deietPZuOMezQP19C1jN9dfNC/OPuZpBi0ApXzwWXqfojKmXVgQRVO3lYV5KF7ppGmzNpgVceLZGuV/Kc9TGi9pl+qjnYJCxO5bhO205Co/YpcGSZRqhkTCfOYS/S8qwoRZnSxl7+NEyop6baRE6aN3qblaJEequEKOEQyHcVBW61IXGDpfp8KHCdwo5h5MOtUJoK86aYvhVVrxN+FmBtLM5y1Wr5kzmLSRNHCvpCEMkOiGf8yc+PC5Ew==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ1PR11MB6227.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(136003)(346002)(376002)(366004)(39860400002)(396003)(451199015)(83380400001)(8676002)(316002)(66556008)(66476007)(66446008)(64756008)(76116006)(186003)(54906003)(110136005)(66946007)(966005)(7696005)(107886003)(6506007)(55016003)(478600001)(8936002)(5660300002)(41300700001)(38100700002)(33656002)(4326008)(6636002)(38070700005)(86362001)(122000001)(2906002)(71200400001)(9686003)(53546011)(26005)(82960400001)(52536014);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?gv0cQrnkeB1VFCFnwoT4bvi67esIQ+zHqYws97qzkdiCw9Adgtyepgwwj33c?=
 =?us-ascii?Q?HOJdFbepdl3i+DqWHWqRjIhPR+JaqpVbtHnRx2H4RDtkEAHZ3bHGjW9ZH75V?=
 =?us-ascii?Q?WuqxrmJdBcxKH+7oafYetnZ1jBu6yeDBEKAy4pn3IoVa38rePsGVVJZffH/b?=
 =?us-ascii?Q?sLhgIXTzW2H+6TnhAlQh846f/V43AK7Aj6rcbaPM7wgm7v0n5YNQD9dkpSFe?=
 =?us-ascii?Q?0ONPTM716hHOQXlJFGjYOhR898CkdesPmG4XVlC13vyPLdIL4XtCWg3RG12Y?=
 =?us-ascii?Q?jORFSO5JQu3EjqCt3PYmzShYR2xa2SkmGHDLcOZPFtTyVc6hVvH+5fY7BBZ4?=
 =?us-ascii?Q?bQi3fIxPyiEr15StPVeBnBxDj/sTqex5VjW3DxxZWHa25MxZdYWWRmnlMdb4?=
 =?us-ascii?Q?6fPq5kfS7iRR3npQvpDOwJ85py0X7K9EFtu3SeqXR1ZdaayH/RvzYTWWo4kL?=
 =?us-ascii?Q?DdAHOEBrCONjzZTCbhGy1Gz7DpvkRCWoTYpSiWKQvOc8eOhqK10Fq+nmZ7uk?=
 =?us-ascii?Q?OmDY3EaRPgybWB6TPYtug3L2kqMoYLGfNLN6FCVk2cBRiaL1OXKn8u+RL96F?=
 =?us-ascii?Q?Vw7rKrl+0mOscAJLmMDYs82FBMzQ+nWMm242Bajgra65JUorhISvIERqCeTt?=
 =?us-ascii?Q?Br+xITaXU2Q3zR5WsDZ4K7U1mldkw16uHkjWe2Hd8jMQiinMB2IhpyA2tcfv?=
 =?us-ascii?Q?wUcT0+Bpyr9envRSV2u8f4VAz0J/NhCUOsxq34mDZHOu503/mn/lx2hLrGUD?=
 =?us-ascii?Q?YwCdgPyaAQXb12wYCoRnyZtFJIHoVwRnRaozq+N4ghE+LoK9Wnt1+nQ6h3u2?=
 =?us-ascii?Q?b2yhXD8ZGBgh5IZktRFF+4PZhVmytbXlXCL4eDC2oCGB/VEQIPhTlPZS1l1M?=
 =?us-ascii?Q?3u7NyekAIC8OgtCtD9sEZxLuInQfGvsVqpMLMKJ0kumbc24FjGak5Kn3jIow?=
 =?us-ascii?Q?U01k8XZ+wFJRfGRwCwz+2r3NumijuaCFEAJwG9V2ICUszGULHxW0cB/1St6R?=
 =?us-ascii?Q?Viirwt/pk9FGO4Kz67WzJ+sHTcSB2Y1RpgMh0oHM07dvciEHmg2BWjIUnMJD?=
 =?us-ascii?Q?co2fqHkkLd+ftYyleiUMFQaRJiOGdbDqVkxdFz59nWUDkKej6opZB7SWCgCA?=
 =?us-ascii?Q?Wm28r8lBl6EQYhM17m5EH59xKvWoahhwiOpptsdfj4R9EA4/vfoA7/OwhQSA?=
 =?us-ascii?Q?Q2neCzj930a23RVhgCePQycTsdI3VC96gptwa0Z/6oO9faF4ce9RdEgzKgZd?=
 =?us-ascii?Q?vYtFNzrDC38YCKPLHNy0b2xOiuvID20GR5qeO1s7IdYF/lrnE7+m9EL8MD63?=
 =?us-ascii?Q?lm29Jmt4Weqbn/MmDeV+lUWZzTeuvm7H9B69mKGyxB8UabakhWlVkRUi1pI2?=
 =?us-ascii?Q?x2L4byZFJvjP7SxmuAXmVUdRu3jtVTuGW3hm+zKHzLWWcBAv9nrpIW+5wARx?=
 =?us-ascii?Q?88kvXDqG0OyO4qJvoZAV0XDsOUPJ72sFH+w2IHriMKn4e9byEwbZC3bFM4XC?=
 =?us-ascii?Q?OM3q0durzGOphXEKAj06uwuJAKCr04nP+c+R9Y5Hv0H4S0DBupPrr6SmMnyN?=
 =?us-ascii?Q?9GTGodREtzDdLCwJ4H0=3D?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c7d84c63-35fa-456a-e0b0-08da9ed9e372
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Sep 2022 09:39:48.6926
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: FbDCsTlayHYfW++z7r0PoYeyLlPwniUpWQXEHs4X6+n3yIzzhZGzNSsa8Jtkvnaw4dw6llw/aczW6v/+AUNQeg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5014
Return-Path: yi1.li@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi Jiewen,
Can you take a look at this patch?
WPA3 Tls API fuzzing is blocked because of same pem API.

Thanks,
Yi

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of yi1 li
Sent: Thursday, September 22, 2022 8:53 PM
To: devel@edk2.groups.io
Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, J=
ian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, G=
uomin <guomin.jiang@intel.com>
Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix pem heap-buffer-overflow d=
ue to BIO_snprintf()

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4075

Fake BIO_snprintf() need to return error status -1. 0 will be considered a =
correct return value, this may cause crash, please refer to bugzilla link f=
or details.

Signed-off-by: Yi Li <yi1.li@intel.com>

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPk=
g/Library/BaseCryptLib/SysCall/CrtWrapper.c
index c1fc33538f..d7d8c206ed 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
@@ -494,7 +494,7 @@ BIO_snprintf (
   ...
   )
 {
-  return 0;
+  return -1;
 }
=20
 #ifdef __GNUC__
--
2.31.1.windows.1