From: "Laszlo Ersek" <lersek@redhat.com>
To: edk2-devel-groups-io <devel@edk2.groups.io>
Cc: "Ard Biesheuvel" <ard.biesheuvel@linaro.org>,
"Jordan Justen" <jordan.l.justen@intel.com>,
"Liming Gao" <liming.gao@intel.com>,
"Marvin Häuser" <mhaeuser@outlook.de>,
"Michael D Kinney" <michael.d.kinney@intel.com>,
"Philippe Mathieu-Daudé" <philmd@redhat.com>,
"Zhichao Gao" <zhichao.gao@intel.com>
Subject: Re: [edk2-devel] [PATCH 0/3] MdePkg, OvmfPkg: rewrite Base64Decode(), clean up call site
Date: Wed, 17 Jul 2019 00:02:00 +0200 [thread overview]
Message-ID: <a55d7a3c-5549-e082-4cf6-17defdd92447@redhat.com> (raw)
In-Reply-To: <20190702102836.27589-1-lersek@redhat.com>
On 07/02/19 12:28, Laszlo Ersek wrote:
> Repo: https://github.com/lersek/edk2.git
> Branch: base64_decode_bz1891
>
> Base64Decode() has a number of issues; see
>
> - <https://bugzilla.tianocore.org/show_bug.cgi?id=1891>
>
> - and the mailing list discussion linked from
> <https://bugzilla.tianocore.org/show_bug.cgi?id=1891#c6>.
>
> In my opinion, rewriting Base64Decode() from scratch, using a different
> (state machine-based) approach is safer / more robust than attempting to
> identify and patch up individual problems in the current implementation.
> The emphasis of the proposed implementation is to reject invalid input;
> decoding valid input is kind of secondary. (This is the safe approach
> for all parsers that process untrusted input, in my opinion.)
>
> My understanding is that unit tests for Base64Decode() already exist in
> some repository. While I tested the new implementation through OvmfPkg's
> EnrollDefaultKeys application -- which makes the sole calls to
> Base64Decode() in the open source edk2 tree -- I didn't run a unit test
> suite. Help with that (pointers to the test suite, or actual unit
> testing) would be highly appreciated.
>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Marvin Häuser <mhaeuser@outlook.de>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
> Cc: Zhichao Gao <zhichao.gao@intel.com>
>
> Thanks
> Laszlo
>
> Laszlo Ersek (3):
> MdePkg/BaseLib: re-specify Base64Decode(), and add temporary stub impl
> MdePkg/BaseLib: rewrite Base64Decode()
> OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling
>
> MdePkg/Include/Library/BaseLib.h | 99 ++++-
> MdePkg/Library/BaseLib/String.c | 448 +++++++++++++-------
> OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 +-
> 3 files changed, 374 insertions(+), 183 deletions(-)
>
Thank you all for the feedback!
* Added a paragraph to the commit message of patch#2, as requested by
Phil, based on the discussion with Marvin:
+ The intent is to only strengthen the checks (sanity and input) relative to
+ the previous implementation, hence the MAX_ADDRESS checks are reinstated.
...
+ [lersek@redhat.com: add last para to commit msg per talks w/ Marvin & Phil]
* Pushed the first two patches in the series as commit range
84a459472075..35e242b698cd; closing
<https://bugzilla.tianocore.org/show_bug.cgi?id=1891>.
* Filed <https://bugzilla.tianocore.org/show_bug.cgi?id=1980> to track
the CCS non-conformance issue, under approach "2a" (i.e.,
incrementally), as agreed upon with Zhichao. Assigned the BZ to
myself; will post a patch soon.
* Split off the last patch in the series to a separate TianoCore BZ,
namely <https://bugzilla.tianocore.org/show_bug.cgi?id=1981>. Assigned
that BZ to myself too.
Thanks,
Laszlo
prev parent reply other threads:[~2019-07-16 22:02 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-02 10:28 [PATCH 0/3] MdePkg, OvmfPkg: rewrite Base64Decode(), clean up call site Laszlo Ersek
2019-07-02 10:28 ` [PATCH 1/3] MdePkg/BaseLib: re-specify Base64Decode(), and add temporary stub impl Laszlo Ersek
2019-07-16 8:38 ` Philippe Mathieu-Daudé
2019-07-16 9:41 ` Philippe Mathieu-Daudé
2019-07-16 14:14 ` Laszlo Ersek
2019-07-16 14:59 ` Philippe Mathieu-Daudé
2019-07-16 18:53 ` [edk2-devel] " Laszlo Ersek
2019-07-16 10:49 ` Laszlo Ersek
2019-07-16 14:56 ` Liming Gao
2019-07-16 17:15 ` Laszlo Ersek
2019-07-02 10:28 ` [PATCH 2/3] MdePkg/BaseLib: rewrite Base64Decode() Laszlo Ersek
2019-07-12 2:31 ` [edk2-devel] " Gao, Zhichao
2019-07-12 19:31 ` Laszlo Ersek
2019-07-15 15:22 ` Liming Gao
2019-07-15 21:56 ` Laszlo Ersek
2019-07-16 1:18 ` Gao, Zhichao
2019-07-16 10:48 ` Laszlo Ersek
2019-07-15 18:44 ` mhaeuser
2019-07-16 0:45 ` Laszlo Ersek
2019-07-16 10:05 ` Philippe Mathieu-Daudé
2019-07-16 14:17 ` Laszlo Ersek
2019-07-02 10:28 ` [PATCH 3/3] OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling Laszlo Ersek
2019-07-15 21:58 ` [edk2-devel] " Laszlo Ersek
2019-07-16 8:36 ` Philippe Mathieu-Daudé
2019-07-10 9:20 ` [edk2-devel] [PATCH 0/3] MdePkg, OvmfPkg: rewrite Base64Decode(), clean up call site Laszlo Ersek
2019-07-16 22:02 ` Laszlo Ersek [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a55d7a3c-5549-e082-4cf6-17defdd92447@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox