From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: redhat.com, ip: 209.85.221.67, mailfrom: philmd@redhat.com) Received: from mail-wr1-f67.google.com (mail-wr1-f67.google.com [209.85.221.67]) by groups.io with SMTP; Tue, 16 Jul 2019 01:36:30 -0700 Received: by mail-wr1-f67.google.com with SMTP id n9so19950100wrr.4 for ; Tue, 16 Jul 2019 01:36:30 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:openpgp:message-id :date:user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=9uCg/fijBBr9R2sPD1Tq4jVlRGY2HPts6wbH7rhxGgM=; b=pJiWyvQql3M+j5+cpLMfzWkXCP185u+O2MnhTrFysLmaTcPnqTQpO3MMqNSGzhddfV JL+E9JLEo+IHn9CvXrYWdjMswbGTc/nv5Cn4lEBzGu3m3fnvAvupqgoPPtksHqZvi0qk PChN9Fh9RyQ63FtUDgUIf0nWbSRAYNf1VcWOQtV54jbm0ihgKH+2Ll3xUn++wvL+y6Ms PyL3X7RSCSEqNqlTTPcqLnjAL9tX02vkFy1j29g+ZU+FejlOg9+ezVfo8/9Tt22n7rBV cc/xVmKW4wOCGQ6qaAZavX4Gs78N+1eqrZBN0QxD9uDOHYnyJ1WEyQDX3Vq7YAZ8PX2b Iqbw== X-Gm-Message-State: APjAAAXBoWn+d0N90PvSCD4QWE2trwKwRxqCi6IecFKnSeE5tujlraeP c3nxRQGWlmyj6hBq3cmzQyl7Ug== X-Google-Smtp-Source: APXvYqyzaWUJVOeHNfc0y9zqXTCjY39etAfmIfGHrIuNZGlbz8/N3ffOAxT5tdvdX/8BVp9ZTSiyMA== X-Received: by 2002:adf:dd8e:: with SMTP id x14mr34032103wrl.344.1563266188996; Tue, 16 Jul 2019 01:36:28 -0700 (PDT) Return-Path: Received: from [192.168.1.37] (62.red-83-42-61.dynamicip.rima-tde.net. [83.42.61.62]) by smtp.gmail.com with ESMTPSA id n2sm13693455wmi.38.2019.07.16.01.36.28 (version=TLS1_3 cipher=AEAD-AES128-GCM-SHA256 bits=128/128); Tue, 16 Jul 2019 01:36:28 -0700 (PDT) Subject: Re: [edk2-devel] [PATCH 3/3] OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling To: devel@edk2.groups.io, lersek@redhat.com, Jordan Justen Cc: Ard Biesheuvel References: <20190702102836.27589-1-lersek@redhat.com> <20190702102836.27589-4-lersek@redhat.com> <4077dc6e-a80e-3b0b-39b8-a407bac4a010@redhat.com> From: =?UTF-8?B?UGhpbGlwcGUgTWF0aGlldS1EYXVkw6k=?= Openpgp: id=89C1E78F601EE86C867495CBA2A3FD6EDEADC0DE; url=http://pgp.mit.edu/pks/lookup?op=get&search=0xA2A3FD6EDEADC0DE Message-ID: Date: Tue, 16 Jul 2019 10:36:27 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 MIME-Version: 1.0 In-Reply-To: <4077dc6e-a80e-3b0b-39b8-a407bac4a010@redhat.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit On 7/15/19 11:58 PM, Laszlo Ersek wrote: > Jordan, can you please ACK this one patch in the series? > > Thanks! > Laszlo > > On 07/02/19 12:28, Laszlo Ersek wrote: >> Base64Decode() now guarantees that DestinationSize is larger on output >> than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean up the >> retval handling for the first Base64Decode() call in EnrollDefaultKeys, >> which used to work around the ambiguity in the previous Base64Decode() >> interface contract. >> >> Cc: Ard Biesheuvel >> Cc: Jordan Justen >> Cc: Philippe Mathieu-Daudé >> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1891 >> Signed-off-by: Laszlo Ersek >> --- >> OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++-------- >> 1 file changed, 2 insertions(+), 8 deletions(-) >> >> diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c >> index f45cb799f726..302b80d97720 100644 >> --- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c >> +++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c >> @@ -154,14 +154,8 @@ GetPkKek1 ( >> Status = Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCertSize); >> switch (Status) { >> case EFI_BUFFER_TOO_SMALL: >> - if (DecodedCertSize > 0) { >> - break; >> - } >> - // >> - // Fall through: the above Base64Decode() call is ill-specified in BaseLib >> - // if Source decodes to zero bytes (for example if it consists of ignored >> - // whitespace only). >> - // >> + ASSERT (DecodedCertSize > 0); >> + break; >> case EFI_SUCCESS: >> AsciiPrint ("error: empty certificate after app prefix %g\n", >> &gOvmfPkKek1AppPrefixGuid); >> Reviewed-by: Philippe Mathieu-Daude