From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id ECCF9740038 for ; Thu, 1 Feb 2024 19:49:30 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=i/jSK19aRQyBc+0hV0aebHtHZxRrxim4HOY8TECbdEo=; c=relaxed/simple; d=groups.io; h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1706816969; v=1; b=V88WwOxTb3T1Yri7NpMbfpUHbomn/+ERB/RG/Gl/ywmtUwagCKW3j9tBUhsYBwKBZMnlebl3 UxEXFm2BcFVnkkRyPntFMJA4JEiO5ZLlQnGyF/B6o+ipF0VJ+boKSAzbkOq10or29As811WgqJu 9qyeJHFfirhMqKjMaAdNxo50= X-Received: by 127.0.0.2 with SMTP id Fn97YY7687511xcN2XYynEV6; Thu, 01 Feb 2024 11:49:29 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) by mx.groups.io with SMTP id smtpd.web11.5218.1706816968620797357 for ; Thu, 01 Feb 2024 11:49:28 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10971"; a="10615036" X-IronPort-AV: E=Sophos;i="6.05,236,1701158400"; d="scan'208";a="10615036" X-Received: from orviesa008.jf.intel.com ([10.64.159.148]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Feb 2024 11:49:28 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,236,1701158400"; d="scan'208";a="195608" X-Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by orviesa008.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 01 Feb 2024 11:49:28 -0800 X-Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 1 Feb 2024 11:49:27 -0800 X-Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Thu, 1 Feb 2024 11:49:27 -0800 X-Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.168) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Thu, 1 Feb 2024 11:49:26 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Cy79rp7WuItiCzNGwlcqNxBPXxK1oh2WCLSDtwT5dOpfO5BYbbRks56kgq67DW+vJKFreGiYPXLU3bbfC9pKmnq9O4QdRiAqKnzLnd2+doqxqDkv3+KZ4CfruRhosB7DfdM2mFg7EuRm9Cy7t3BnLOR7uUgo8VaqB9vbk6qJB/Jx+49nxwPiWHMRmascKlmDwdZU1gtwSjRsrclmE2RDLOGh0dxNxs4JDdDCKqrgBC4vONaqNm2EGqteLTJVe8IAv3GoeA4h29xgT3Ium9TAfYhdqAKlPUe8VvMGvzXVzcJQ0ap/NeuUXJ/86PFbpfziYCI9hYjA/JcNm0hoFKQxdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rDYC/UVVLEx/pZbkqaW0pwM6rKkL9bws515o3K56Cl8=; b=fZCqN0fnbO//hJ82J9pZqj5UqiJPKHJBgWM1bHF/ECZj5W68279uccfAQa54G7J2Wy6P1uEsbuZG8RyNmBwfvIiYPVuiye5r9sJyuXcrGwofeuoFKiI27bbST2gD0L1oYPDifFXoj/jzhsgJzS4Q6zGfg4MCbFP4EY3PYJ96zFbAw2WkkRgxrElNi4NIBviALS4PfG6SeuRfQW8+Tg7W/4hXv4/d5JkuvCZf8DZOrp1iCx1sjbK5dKBATsSUOQFWNiwiO58GQIQ2nyB5Sd8CpJVCrJuuZleqdlyJ73dhMN2Q6iEiXF/VAI2CpGgpBeTAha2OEL1jg2Sydh/5GppIyQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none X-Received: from SN7PR11MB8281.namprd11.prod.outlook.com (2603:10b6:806:26b::20) by IA0PR11MB7881.namprd11.prod.outlook.com (2603:10b6:208:40b::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.34; Thu, 1 Feb 2024 19:49:24 +0000 X-Received: from SN7PR11MB8281.namprd11.prod.outlook.com ([fe80::bf47:e473:3750:b81f]) by SN7PR11MB8281.namprd11.prod.outlook.com ([fe80::bf47:e473:3750:b81f%5]) with mapi id 15.20.7249.024; Thu, 1 Feb 2024 19:49:24 +0000 From: "Saloni Kasbekar" To: "Douglas Flick [MSFT]" , "devel@edk2.groups.io" CC: "Clark-williams, Zachary" Subject: Re: [edk2-devel] [PATCH v2 05/15] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests Thread-Topic: [PATCH v2 05/15] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests Thread-Index: AQHaT+Mxd+6aMRj+ZkGNan8yG/UESrD17c+A Date: Thu, 1 Feb 2024 19:49:23 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SN7PR11MB8281:EE_|IA0PR11MB7881:EE_ x-ms-office365-filtering-correlation-id: f06fb463-8043-4db8-e4f3-08dc235ee409 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: ZtHBrub456oCPVhvPZg0LiqGSYAC4O5/ZKYQozw9XS4EyPte5COUQ+SqKxsrBSioeddAEBD2D/DMJH4JSSxejT3sECHEkb+mbiPH4SIrv0ahsXH2qGhMzwWQmsPgc7FSHinBb/8MpwcZUUVSM3U93jAt0m9rwVYdJu9S/luiSMO+u+k+I6Unro6TqAttqZwP+k52mUoIU8MpcFP7f+FfOEeqxMu9CK3cFWK7R1cIKMKX3zInFk84TQyTuJJbRJ117djBOg0HBXgcgH4Q5gG2rK7e2qk/Yro8OWPhqKLbwWcsh1ROwTfPRgxEMKPiEG/thjO2nMm5CSMYbvqalaUgEA460RJSD2wfb0KCMi/OvLie4lKSLj0Yq2YrCYUMoGLZcfJv0nwz7UkmvVv+YM5MZslReL4ZLEz2r57X24D4rCUt9TAGOBcxWTja7NjERjIx7wMPOTrsVbTGy/q/2kPYi3S9yxftRkrM49KNGPXOBHqB/l6isDFAJ20chwHbA1eVMx3jZP2EerpB6VqEVZMZ/8mcP1/rctxG8w0h7bq9XSuGw7VlRfceqOzp30EhTg7885fcPXswPMVKG+64pHr+QwJtg60mj/bmrtMc2T9sywdvabKeQaC/uqQ8y//Yq1Dc x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?Z0ab4oRuLd26HC+xRHzkYcNRrXNwVZvjfOxs0C4uEYaqBZEKtcoyMbNYUIFi?= =?us-ascii?Q?Hme7Tdft8OQvnGS0pRc+9VJGNYhrId6ZFcj3QlQnncHXYV39SZzslWvkxWz4?= =?us-ascii?Q?U0f5jLdSqGzODXqgWWghB9C82APcpCjZvNZyIHSh6MlAC8hv2R1NRUU0Cb+A?= =?us-ascii?Q?jrDT+Zs/eYjiffYY5PxDjMoSEWSwCWZ7Fg+6rO0K8xdxqY05HjFv88Uzc0Bg?= =?us-ascii?Q?Xm7BFPbp1GOOIWLlFZ2JsbgG6dszZZaycQfYJIAKiow9qWJwavHpeyWcnEK2?= =?us-ascii?Q?MCHUwkMY7XPWMNBfkSOwdX8MA682zx9tujXRXMZxYYpE64rVq5QyqcfVaHFl?= =?us-ascii?Q?yZCFIsaCIfyDODp0uDcYqdNfuQYROiaE/+mR2o6VioDMR3u9oCKF/sS5cu9Q?= =?us-ascii?Q?Pr13uqObfC1KPoEFxOTNmRTRS1V7ZJaLXiKHrf9Ec5WHOL7tgJv7p1s/GO2C?= =?us-ascii?Q?+wKoshOPJj+hmhTFrCV567aJSW3dqEEhgH+/SVsgz5+7mzZ0D3wB7zSrksAb?= =?us-ascii?Q?sWB38EJorzxKVatgDUkduFEzQtXZYzGP9GDitLYiHUmHot8GRTR0/BlR0lnC?= =?us-ascii?Q?7pLcx4QDwL1dcX19PRI8ki3lseDpndP40HF4D5m7B8LmLgHTfsPXo1QhFG3B?= =?us-ascii?Q?IR5bJFihY15ROyXTF5IpgYWU0oMhPTY5+H2DULEv4CiktZK3NYW5oxu4p9A9?= =?us-ascii?Q?9FIUKMQrQUK44EQtMzy3mrZfSWGYDBvfxYzXFCFGyn72AirKs3hqa5sK8XIj?= =?us-ascii?Q?CfJgskBXLa2/AN6iVnBIN8E+3XszGX8np4a5jXFyjr06j6wSmK0MSNbStfCa?= =?us-ascii?Q?XbcgmiTZNqrvisDp6cVq/2QQn2TqNDv41lCCg4HMwskyavSyBBRp4BXfZfhY?= =?us-ascii?Q?rerobfbNti04RdhAzjffEKZh1EqVBh17+k1nzQ1kj4qQ7F05P+fYKYYz5QXb?= =?us-ascii?Q?004CDYCWMuo4coLU9cB7XcyWvableUOKq2jalV9TB0xGqMYfo7VArU+5r/HR?= =?us-ascii?Q?9pPajJVCmv+EJreginfesi5d94WSGk9kZbB3Wjey/Cg+BBoRDeZkSeZPF78l?= =?us-ascii?Q?T4OKQ5I13CAv9T8szqgb99B480xOHNq4ATl1GGt8UGuwnc03gpy9X+MLU0Yd?= =?us-ascii?Q?PoC010APj2sMW4oDLHr5xBUZg0T7xZbr1l/yLZD3KB5Q0BIwRFJi2k8EdseG?= =?us-ascii?Q?D+XwIslQeplZufTimC5/M8xmUSxcvcUP5vC9n4/14MurIqkFDFo06vI+nwBg?= =?us-ascii?Q?s4EEnzQuB7Fjffa0f6lW0Dn6+ubFHdMsVyIWNw0dowHX/n8Nb8Eo1D0w52Qn?= =?us-ascii?Q?P5ZXk3yU086RUl96I4amhr6KSUQQvaooqKOl++mwBCMj/7hQ/MoCUi3daV2D?= =?us-ascii?Q?EQtpihazWh5iYcQZU5uc+KPTL9J4GlvnH8dj9cTgAeqOXDX/ZyzOge46l61e?= =?us-ascii?Q?PaX01ImozR1JHzrKkjxvl+y66PbaXrqa5ipmOEpcU1y9qzWLkJpl34jKn5zI?= =?us-ascii?Q?IsvZDLRmjStXCL3/duQGwrkkxP+OrMiTFGOxPjRpi7x9Cyxy/5BQBFfUpGeg?= =?us-ascii?Q?H+0mkDfxT6JJT3NGFVqbjHpMrTMhUri0hebLcy2j?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SN7PR11MB8281.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: f06fb463-8043-4db8-e4f3-08dc235ee409 X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Feb 2024 19:49:23.9392 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: gev1NAsZkKaQzFDOMIY6Pak6Bg+I1Lj/KDAE7edheh+K65psYaVQFmEtw/+fRcma8Rj7xYGxaUcobc8T8RJByr74ro729i+0+6JSzNZDXhc= X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR11MB7881 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,saloni.kasbekar@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: zpQ8ObOwECD9C1rgY4tOboWsx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=V88WwOxT; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}") Reviewed-by: Saloni Kasbekar -----Original Message----- From: Douglas Flick [MSFT] =20 Sent: Thursday, January 25, 2024 1:55 PM To: devel@edk2.groups.io Cc: Douglas Flick [MSFT] ; Kasbekar, Saloni ; Clark-williams, Zachary Subject: [PATCH v2 05/15] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-452= 29 Unit Tests REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4534 These tests confirm that the report bug... "Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message" ..has been patched. The following functions are tested to confirm an out of bounds read is patc= hed and that the correct statuses are returned: Dhcp6SeekInnerOptionSafe Dhcp6SeekStsOption TCBZ4534 CVE-2023-45229 CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CWE-125 Out-of-bounds Read Cc: Saloni Kasbekar Cc: Zachary Clark-williams Signed-off-by: Doug Flick [MSFT] --- NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 + .../GoogleTest/Dhcp6DxeGoogleTest.inf | 1 + .../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h | 58 +++ NetworkPkg/Dhcp6Dxe/Dhcp6Io.c | 2 +- .../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp | 365 +++++++++++++++++- 5 files changed, 424 insertions(+), 3 deletions(-) create mode 100644 Net= workPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/Netwo= rkPkgHostTest.dsc index 20bc90b1728d..24dee654df2e 100644 --- a/NetworkPkg/Test/NetworkPkgHostTest.dsc +++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc @@ -16,6 +16,7 @@ [Defines] SKUID_IDENTIFIER =3D DEFAULT !include UnitTestFrameworkPkg/UnitT= estFrameworkPkgHost.dsc.inc+ [Packages] MdePkg/MdePkg.dec UnitTestFrame= workPkg/UnitTestFrameworkPkg.decdiff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest= /Dhcp6DxeGoogleTest.inf b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest= .inf index 8e9119a37158..12532ed30cb3 100644 --- a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf +++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf @@ -18,6 +18,7 @@ [Defines] [Sources] Dhcp6DxeGoogleTest.cpp Dhcp6IoGoogleTest.cpp+ Dhcp6IoGoogle= Test.h ../Dhcp6Io.c ../Dhcp6Utility.c diff --git a/NetworkPkg/Dhcp6Dxe/= GoogleTest/Dhcp6IoGoogleTest.h b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoog= leTest.h new file mode 100644 index 000000000000..aed3b890827b --- /dev/null +++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.h @@ -0,0 +1,58 @@ +/** @file+ Acts as header for private functions under test in Dhcp6Io.c++= Copyright (c) Microsoft Corporation+ SPDX-License-Identifier: BSD-2-Clau= se-Patent+**/++#ifndef DHCP6_IO_GOOGLE_TEST_H_+#define DHCP6_IO_GOOGLE_TEST= _H_++//////////////////////////////////////////////////////////////////////= //////////+// These are the functions that are being unit tested+//////////= //////////////////////////////////////////////////////////////////////++#in= clude ++/**+ Seeks the Inner Options from a DHCP6 Option++ @param= [in] IaType The type of the IA option.+ @param[in] Option = The pointer to the DHCP6 Option.+ @param[in] OptionLen The leng= th of the DHCP6 Option.+ @param[out] IaInnerOpt The pointer to the IA= inner option.+ @param[out] IaInnerLen The length of the IA inner opt= ion.++ @retval EFI_SUCCESS Seek the inner option successfully.+ @= retval EFI_DEVICE_ERROR The OptionLen is invalid.+*/+EFI_STATUS+Dhcp6See= kInnerOptionSafe (+ UINT16 IaType,+ UINT8 *Option,+ UINT32 OptionLen= ,+ UINT8 **IaInnerOpt,+ UINT16 *IaInnerLen+ );++/**+ Seek StatusCode= Option in package. A Status Code option may appear in the+ options field = of a DHCP message and/or in the options field of another option.+ See deta= ils in section 22.13, RFC3315.++ @param[in] Instance The poin= ter to the Dhcp6 instance.+ @param[in] Packet The pointer t= o reply messages.+ @param[out] Option The pointer to status = code option.++ @retval EFI_SUCCESS Seek status code option su= ccessfully.+ @retval EFI_DEVICE_ERROR An unexpected error.++**/+EF= I_STATUS+Dhcp6SeekStsOption (+ IN DHCP6_INSTANCE *Instance,+ IN = EFI_DHCP6_PACKET *Packet,+ OUT UINT8 **Option+ );++#end= if // DHCP6_IO_GOOGLE_TEST_Hdiff --git a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c b/Ne= tworkPkg/Dhcp6Dxe/Dhcp6Io.c index 89d16484a568..3b8feb4a2032 100644 --- a/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c +++ b/NetworkPkg/Dhcp6Dxe/Dhcp6Io.c @@ -816,7 +816,7 @@ Dhcp6SeekStsOption ( // IA option to the end of the DHCP6 option area, thus subtract the spac= e // up until this option //- OptionLen =3D OptionLen - (*Option - Pac= ket->Dhcp6.Option);+ OptionLen =3D OptionLen - (UINT32)(*Option - Packet->= Dhcp6.Option); // // Seek the inner optiondiff --git a/NetworkPkg/Dhcp= 6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp= 6IoGoogleTest.cpp index 7ee40e4af480..7db253a7b87f 100644 --- a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp +++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp @@ -13,6 +13,7 @@ extern "C" { #include #include "../Dhcp6Impl.h" #includ= e "../Dhcp6Utility.h"+ #include "Dhcp6IoGoogleTest.h" } /////////////////= ///////////////////////////////////////////////////////@@ -21,7 +22,35 @@ e= xtern "C" { #define DHCP6_PACKET_MAX_LEN 1500 +// This definition is used by this te= st but is also required to compile+// by Dhcp6Io.c+#define DHCPV6_OPTION_IA= _NA 3+#define DHCPV6_OPTION_IA_TA 4++#define SEARCH_PATTERN 0xDEADC0= DE+#define SEARCH_PATTERN_LEN sizeof(SEARCH_PATTERN)+ ////////////////////= ////////////////////////////////////////////////////+// Test structures for= IA_NA and IA_TA options+//////////////////////////////////////////////////= //////////////////////+typedef struct {+ UINT16 Code;+ UINT16 Len;+= UINT32 IAID;+} DHCPv6_OPTION;++typedef struct {+ DHCPv6_OPTION Hea= der;+ UINT32 T1;+ UINT32 T2;+ UINT8 Inner= Options[0];+} DHCPv6_OPTION_IA_NA;++typedef struct {+ DHCPv6_OPTION Hea= der;+ UINT8 InnerOptions[0];+} DHCPv6_OPTION_IA_TA;+ //////////= ////////////////////////////////////////////////////////////// // Symbol De= finitions // These functions are not directly under test - but required to = compile@@ -210,7 +239,7 @@ TEST_F (Dhcp6AppendETOptionTest, InvalidDataExpe= ctBufferTooSmall) { Status =3D Dhcp6AppendETOption ( Dhcp6AppendETOptionTest::P= acket, &Cursor,- &Instance, // Instance is not use= d in this function+ &Instance, // Instance i= s not used in this function &ElapsedTime ); @@ -2= 40,7 +269,7 @@ TEST_F (Dhcp6AppendETOptionTest, ValidDataExpectSuccess) { Status =3D Dhcp6AppendETOption ( Dhcp6AppendETOptionTest::P= acket, &Cursor,- &Instance, // Instance is not use= d in this function+ &Instance, // Instance i= s not used in this function &ElapsedTime ); @@ -4= 76,3 +505,335 @@ TEST_F (Dhcp6AppendIaOptionTest, IaTaValidDataExpectSucces= s) { // verify that the status is EFI_SUCCESS ASSERT_EQ (Status, EFI_SUCCES= S); }++////////////////////////////////////////////////////////////////////= ////+// Dhcp6SeekInnerOptionSafe Tests+////////////////////////////////////= ////////////////////////////////////++// Define a fixture for your tests if= needed+class Dhcp6SeekInnerOptionSafeTest : public ::testing::Test {+prote= cted:+ // Add any setup code if needed+ virtual void+ SetUp (+ )+ {+= // Initialize any resources or variables+ }++ // Add any cleanup code= if needed+ virtual void+ TearDown (+ )+ {+ // Clean up any resour= ces or variables+ }+};++// Test Description:+// This test verifies that Dh= cp6SeekInnerOptionSafe returns EFI_SUCCESS when the IANA option is found.+T= EST_F (Dhcp6SeekInnerOptionSafeTest, IANAValidOptionExpectSuccess) {+ EFI_= STATUS Result;+ UINT8 Option[sizeof (DHCPv6_OPTIO= N_IA_NA) + SEARCH_PATTERN_LEN] =3D { 0 };+ UINT32 OptionLeng= th =3D sizeof (Option);+ DHCP= v6_OPTION_IA_NA *OptionPtr = =3D (DHCPv6_OPTION_IA_NA *)Option;+ UINT32 SearchPattern = =3D SEARCH_PATTERN;++ UINTN Sea= rchPatternLength =3D SEARCH_PATTERN_LEN;+ UINT8 *InnerOptionPtr =3D = NULL;+ UINT16 InnerOptionLength =3D 0;++ OptionPtr->Header.Code =3D Dh= cp6OptIana;+ OptionPtr->Header.Len =3D HTONS (4 + 12); // Valid length ha= s to be more than 12+ OptionPtr->Header.IAID =3D 0x12345678;+ OptionPtr->= T1 =3D 0x11111111;+ OptionPtr->T2 =3D 0x22222222;+ Copy= Mem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLength);++ Resu= lt =3D Dhcp6SeekInnerOptionSafe (+ Dhcp6OptIana,+ O= ption,+ OptionLength,+ &InnerOptionPtr,+ = &InnerOptionLength+ );+ ASSERT_EQ (Result, EFI_SUCCESS);+ A= SSERT_EQ (InnerOptionLength, 4);+ ASSERT_EQ (CompareMem (InnerOptionPtr, &= SearchPattern, SearchPatternLength), 0);+}++// Test Description:+// This te= st verifies that Dhcp6SeekInnerOptionSafe returns EFI_DEIVCE_ERROR when the= IANA option size is invalid.+TEST_F (Dhcp6SeekInnerOptionSafeTest, IANAInv= alidSizeExpectFail) {+ // Lets add an inner option of bytes we expect to f= ind+ EFI_STATUS Status;+ UINT8 Option[sizeof (DH= CPv6_OPTION_IA_NA) + SEARCH_PATTERN_LEN] =3D { 0 };+ UINT32 = OptionLength =3D sizeof (Optio= n);+ DHCPv6_OPTION_IA_NA *OptionPtr = =3D (DHCPv6_OPTION_IA_NA *)Option;+ UINT32 SearchP= attern =3D SEARCH_PATTERN;++ U= INTN SearchPatternLength =3D SEARCH_PATTERN_LEN;+ UINT8 *InnerOptionPt= r =3D NULL;+ UINT16 InnerOptionLength =3D 0;++ OptionPtr->Header.C= ode =3D Dhcp6OptIana;+ OptionPtr->Header.Len =3D HTONS (4); // Set the le= ngth to lower than expected (12)+ OptionPtr->Header.IAID =3D 0x12345678;+ = OptionPtr->T1 =3D 0x11111111;+ OptionPtr->T2 =3D 0x2222= 2222;+ CopyMem (OptionPtr->InnerOptions, &SearchPattern, SearchPatternLeng= th);++ // Set the InnerOptionLength to be less than the size of the option= + Status =3D Dhcp6SeekInnerOptionSafe (+ Dhcp6OptIana,+ = Option,+ OptionLength,+ &InnerOptionPtr,+ = &InnerOptionLength+ );+ ASSERT_EQ (Status, EFI_DEVICE= _ERROR);++ // Now set the OptionLength to be less than the size of the opt= ion+ OptionLength =3D sizeof (DHCPv6_OPTION_IA_NA) - 1;+ Status =3D= Dhcp6SeekInnerOptionSafe (+ Dhcp6OptIana,+ = Option,+ OptionLength,+ &InnerOpti= onPtr,+ &InnerOptionLength+ );+ ASSERT= _EQ (Status, EFI_DEVICE_ERROR);+}++// Test Description:+// This test verifi= es that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA option i= s found+TEST_F (Dhcp6SeekInnerOptionSafeTest, IATAValidOptionExpectSuccess)= {+ // Lets add an inner option of bytes we expect to find+ EFI_STATUS = Status;+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA) = + SEARCH_PATTERN_LEN] =3D { 0 };+ UINT32 OptionLength = =3D sizeof (Option);+ DHCPv6_OPTION= _IA_TA *OptionPtr =3D (DHCP= v6_OPTION_IA_TA *)Option;+ UINT32 SearchPattern = =3D SEARCH_PATTERN;++ UINTN SearchPatter= nLength =3D SEARCH_PATTERN_LEN;+ UINT8 *InnerOptionPtr =3D NULL;+ U= INT16 InnerOptionLength =3D 0;++ OptionPtr->Header.Code =3D Dhcp6OptIat= a;+ OptionPtr->Header.Len =3D HTONS (4 + 4); // Valid length has to be mo= re than 4+ OptionPtr->Header.IAID =3D 0x12345678;+ CopyMem (OptionPtr->In= nerOptions, &SearchPattern, SearchPatternLength);++ Status =3D Dhcp6SeekIn= nerOptionSafe (+ Dhcp6OptIata,+ Option,+ = OptionLength,+ &InnerOptionPtr,+ &InnerOptionLeng= th+ );+ ASSERT_EQ (Status, EFI_SUCCESS);+ ASSERT_EQ (InnerOpt= ionLength, 4);+ ASSERT_EQ (CompareMem (InnerOptionPtr, &SearchPattern, Sea= rchPatternLength), 0);+}++// Test Description:+// This test verifies that D= hcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA option size is in= valid.+TEST_F (Dhcp6SeekInnerOptionSafeTest, IATAInvalidSizeExpectFail) {+ = // Lets add an inner option of bytes we expect to find+ EFI_STATUS = Status;+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA) + SE= ARCH_PATTERN_LEN] =3D { 0 };+ UINT32 OptionLength = =3D sizeof (Option);+ DHCPv6_OPTION_IA_= TA *OptionPtr =3D (DHCPv6_O= PTION_IA_TA *)Option;+ UINT32 SearchPattern = =3D SEARCH_PATTERN;++ UINTN SearchPatternLen= gth =3D SEARCH_PATTERN_LEN;+ UINT8 *InnerOptionPtr =3D NULL;+ UINT1= 6 InnerOptionLength =3D 0;++ OptionPtr->Header.Code =3D Dhcp6OptIata;+ = OptionPtr->Header.Len =3D HTONS (2); // Set the length to lower than expe= cted (4)+ OptionPtr->Header.IAID =3D 0x12345678;+ CopyMem (OptionPtr->Inn= erOptions, &SearchPattern, SearchPatternLength);++ Status =3D Dhcp6SeekInn= erOptionSafe (+ Dhcp6OptIata,+ Option,+ = OptionLength,+ &InnerOptionPtr,+ &InnerOptionLengt= h+ );+ ASSERT_EQ (Status, EFI_DEVICE_ERROR);++ // Now lets tr= y modifying the OptionLength to be less than the size of the option+ Optio= nLength =3D sizeof (DHCPv6_OPTION_IA_TA) - 1;+ Status =3D Dhcp6SeekI= nnerOptionSafe (+ Dhcp6OptIata,+ Option= ,+ OptionLength,+ &InnerOptionPtr,+ = &InnerOptionLength+ );+ ASSERT_EQ (Status= , EFI_DEVICE_ERROR);+}++// Test Description:+// This test verifies that any= other Option Type fails+TEST_F (Dhcp6SeekInnerOptionSafeTest, InvalidOptio= n) {+ // Lets add an inner option of bytes we expect to find+ EFI_STATUS = Result;+ UINT8 Option[sizeof (DHCPv6_OPTION_IA_TA= ) + SEARCH_PATTERN_LEN] =3D { 0 };+ UINT32 OptionLength = =3D sizeof (Option);+ DHCPv6_OPTI= ON_IA_TA *OptionPtr =3D (DH= CPv6_OPTION_IA_TA *)Option;+ UINT32 SearchPattern = =3D SEARCH_PATTERN;++ UINTN SearchPatt= ernLength =3D SEARCH_PATTERN_LEN;+ UINT8 *InnerOptionPtr =3D NULL;+ = UINT16 InnerOptionLength =3D 0;++ OptionPtr->Header.Code =3D 0xC0DE;+ = OptionPtr->Header.Len =3D HTONS (2); // Set the length to lower than expe= cted (4)+ OptionPtr->Header.IAID =3D 0x12345678;+ CopyMem (OptionPtr->Inn= erOptions, &SearchPattern, SearchPatternLength);++ Result =3D Dhcp6SeekInn= erOptionSafe (0xC0DE, Option, OptionLength, &InnerOptionPtr, &InnerOptionLe= ngth);+ ASSERT_EQ (Result, EFI_DEVICE_ERROR);+}++/////////////////////////= ///////////////////////////////////////////////+// Dhcp6SeekStsOption Tests= +////////////////////////////////////////////////////////////////////////++= #define PACKET_SIZE (1500)++class Dhcp6SeekStsOptionTest : public ::testin= g::Test {+public:+ DHCP6_INSTANCE Instance =3D { 0 };+ EFI_DHCP6_PAC= KET *Packet =3D NULL;+ EFI_DHCP6_CONFIG_DATA Config =3D { 0 };++protec= ted:+ // Add any setup code if needed+ virtual void+ SetUp (+ )+ {+ = // Allocate a packet+ Packet =3D (EFI_DHCP6_PACKET *)AllocateZeroPool= (PACKET_SIZE);+ ASSERT_NE (Packet, nullptr);++ // Initialize the pac= ket+ Packet->Size =3D PACKET_SIZE;++ Instance.Config =3D &Config;+ }= ++ // Add any cleanup code if needed+ virtual void+ TearDown (+ )+ {= + // Clean up any resources or variables+ FreePool (Packet);+ }+};++= // Test Description:+// This test verifies that Dhcp6SeekStsOption returns = EFI_DEVICE_ERROR when the option is invalid+// This verifies that the calli= ng function is working as expected+TEST_F (Dhcp6SeekStsOptionTest, SeekIATA= OptionExpectFail) {+ EFI_STATUS Status;+ UINT8 *Option = =3D NULL;+ UINT32 SearchPattern =3D SEARCH_PATTERN;+ UI= NT16 SearchPatternLength =3D SEARCH_PATTERN_LEN;+ UINT16 *Le= n =3D NULL;+ EFI_DHCP6_IA Ia =3D { 0 };++= Ia.Descriptor.Type =3D DHCPV6_OPTION_IA_TA;+ Ia.IaAddress= Count =3D 1;+ Ia.IaAddress[0].PreferredLifetime =3D 0xDEAD= BEEF;+ Ia.IaAddress[0].ValidLifetime =3D 0xDEADAAAA;+ Ia.IaAddress[0]= .IpAddress =3D mAllDhcpRelayAndServersAddress;++ Packet->Length = =3D sizeof (EFI_DHCP6_HEADER);++ Option =3D Dhcp6SeekStsOptionTest::Packet= ->Dhcp6.Option;++ // Let's append the option to the packet+ Status =3D Dh= cp6AppendOption (+ Dhcp6SeekStsOptionTest::Packet,+ = &Option,+ Dhcp6OptStatusCode,+ SearchPatternLength= ,+ (UINT8 *)&SearchPattern+ );+ ASSERT_EQ (Status,= EFI_SUCCESS);++ // Inner option length - this will be overwritten later+ = Len =3D (UINT16 *)(Option + 2);++ // Fill in the inner IA option+ Status= =3D Dhcp6AppendIaOption (+ Dhcp6SeekStsOptionTest::Packet,+ = &Option,+ &Ia,+ 0x12345678,+ = 0x11111111,+ 0x22222222+ );+ ASSERT_EQ (Status, EF= I_SUCCESS);++ // overwrite the len of inner Ia option+ *Len =3D HTONS (3)= ;++ Dhcp6SeekStsOptionTest::Instance.Config->IaDescriptor.Type =3D DHCPV6_= OPTION_IA_TA;++ Option =3D NULL;+ Status =3D Dhcp6SeekStsOption (&(Dhcp6S= eekStsOptionTest::Instance), Dhcp6SeekStsOptionTest::Packet, &Option);++ A= SSERT_EQ (Status, EFI_DEVICE_ERROR);+}++// Test Description:+// This test v= erifies that Dhcp6SeekInnerOptionSafe returns EFI_SUCCESS when the IATA opt= ion size is invalid.+TEST_F (Dhcp6SeekStsOptionTest, SeekIANAOptionExpectSu= ccess) {+ EFI_STATUS Status =3D EFI_NOT_FOUND;+ UINT8 = *Option =3D NULL;+ UINT32 SearchPattern =3D = SEARCH_PATTERN;+ UINT16 SearchPatternLength =3D SEARCH_PATTERN_LEN;= + EFI_DHCP6_IA Ia =3D { 0 };++ Ia.Descriptor.Type = =3D DHCPV6_OPTION_IA_NA;+ Ia.IaAddressCount =3D = 1;+ Ia.IaAddress[0].PreferredLifetime =3D 0x11111111;+ Ia.IaAddress[0].Va= lidLifetime =3D 0x22222222;+ Ia.IaAddress[0].IpAddress =3D mAl= lDhcpRelayAndServersAddress;+ Packet->Length =3D sizeof= (EFI_DHCP6_HEADER);++ Option =3D Dhcp6SeekStsOptionTest::Packet->Dhcp6.Op= tion;++ Status =3D Dhcp6AppendOption (+ Dhcp6SeekStsOptionTest= ::Packet,+ &Option,+ Dhcp6OptStatusCode,+ = SearchPatternLength,+ (UINT8 *)&SearchPattern+ )= ;+ ASSERT_EQ (Status, EFI_SUCCESS);++ Status =3D Dhcp6AppendIaOption (+ = Dhcp6SeekStsOptionTest::Packet,+ &Option,+ = &Ia,+ 0x12345678,+ 0x11111111,+ 0x22= 222222+ );+ ASSERT_EQ (Status, EFI_SUCCESS);++ Dhcp6SeekStsOp= tionTest::Instance.Config->IaDescriptor.Type =3D DHCPV6_OPTION_IA_NA;++ Op= tion =3D NULL;+ Status =3D Dhcp6SeekStsOption (&(Dhcp6SeekStsOptionTest::I= nstance), Dhcp6SeekStsOptionTest::Packet, &Option);++ ASSERT_EQ (Status, E= FI_SUCCESS);+}--=20 2.43.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#114959): https://edk2.groups.io/g/devel/message/114959 Mute This Topic: https://groups.io/mt/103964980/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-