From: Laszlo Ersek <lersek@redhat.com>
To: Liming Gao <liming.gao@intel.com>, edk2-devel@lists.01.org
Subject: Re: [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX)
Date: Tue, 23 Oct 2018 12:32:13 +0200 [thread overview]
Message-ID: <c727e0d6-fb16-9103-a190-00dea422edeb@redhat.com> (raw)
In-Reply-To: <20181022151811.29644-1-liming.gao@intel.com>
Hi Liming,
On 10/22/18 17:18, Liming Gao wrote:
> In V2, update commit message with fixed CVE number.
>
> Fix CVE-2017-5731,CVE-2017-5732,CVE-2017-5733,CVE-2017-5734,CVE-2017-5735
> https://bugzilla.tianocore.org/show_bug.cgi?id=686
>
> Liming Gao (3):
> MdePkg: Add more checker in UefiDecompressLib to access the valid
> buffer only(CVE FIX)
> IntelFrameworkModulePkg: Add more checker in
> UefiTianoDecompressLib(CVE FIX)
> BaseTools: Add more checker in Decompress algorithm to access the
> valid buffer(CVE FIX)
>
> BaseTools/Source/C/Common/Decompress.c | 23 +++++++++++++++++--
> BaseTools/Source/C/TianoCompress/TianoCompress.c | 26 +++++++++++++++++++++-
> .../BaseUefiTianoCustomDecompressLib.c | 16 +++++++++++--
> .../BaseUefiDecompressLib/BaseUefiDecompressLib.c | 17 ++++++++++++--
> 4 files changed, 75 insertions(+), 7 deletions(-)
>
in the subject lines, please add a space character before the string
"(CVE FIX)". This can be done before pushing, of course.
I haven't reviewed the patches for correctness, but formally, they look
OK to me. I'm ACKing the set to confirm that. Thanks for the commit
message updates.
Acked-by: Laszlo Ersek <lersek@redhat.com>
Laszlo
next prev parent reply other threads:[~2018-10-23 10:32 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-22 15:18 [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX) Liming Gao
2018-10-22 15:18 ` [PATCH v2 1/3] MdePkg: Add more checker in UefiDecompressLib to access the valid buffer only(CVE FIX) Liming Gao
2018-10-22 15:18 ` [PATCH v2 2/3] IntelFrameworkModulePkg: Add more checker in UefiTianoDecompressLib(CVE FIX) Liming Gao
2018-10-22 15:18 ` [PATCH v2 3/3] BaseTools: Add more checker in Decompress algorithm to access the valid buffer(CVE FIX) Liming Gao
2018-10-23 10:32 ` Laszlo Ersek [this message]
2018-10-23 13:55 ` [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX) Gao, Liming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c727e0d6-fb16-9103-a190-00dea422edeb@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox