From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+118919+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id EB9BFAC0F5D
	for <rebecca@openfw.io>; Wed, 15 May 2024 12:58:38 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=FNpfaSNHnYEDaRomZTR9o24UIEWlNzzG5V7Whn1tCx8=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20240206; t=1715777917; v=1;
 b=fPGuUYEh0w+gE/vmgdlymEfPmMAciDlu6bLEyk+FCWRPcW90lPFiO4DI2b3h4qm8EJrFRieD
 l41xLvi6sp0OvZQVNxUezkoimDXHZVkbwF3VxvEnBSzCanjj24BgF+M0b65wsgNe7j0BnV/xy79
 v6uI07tM8UjTIRbqyDY6x/eniJ6Yby391R0FPqxu+Mgi+iF0DdyiORaN+XeOq3SoH/7NpabJPuY
 z6n8N5jPVYxKeGpDAd8qo4vCHAoTfHGVRFcFNT6QMmBcCsefafdwPoVKmfoNLVXw+ViKnwmgUU1
 GS/pl/gqygb0AC+AIUvX2ZcQWVBA3DwuyrhSlUtZewHtg==
X-Received: by 127.0.0.2 with SMTP id 16URYY7687511xN0bUbro2o6; Wed, 15 May 2024 05:58:37 -0700
X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.17])
 by mx.groups.io with SMTP id smtpd.web11.14355.1715777916465023841
 for <devel@edk2.groups.io>;
 Wed, 15 May 2024 05:58:36 -0700
X-CSE-ConnectionGUID: ahPDPpAZRrCtP9ZtAY3e+g==
X-CSE-MsgGUID: ZonY94wmSiil4Vvp/fbMaA==
X-IronPort-AV: E=McAfee;i="6600,9927,11073"; a="11695396"
X-IronPort-AV: E=Sophos;i="6.08,161,1712646000"; 
   d="scan'208";a="11695396"
X-Received: from orviesa007.jf.intel.com ([10.64.159.147])
  by fmvoesa111.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 May 2024 05:58:36 -0700
X-CSE-ConnectionGUID: oP0O72WjSJKIfpOujqZUyg==
X-CSE-MsgGUID: mOfd8ockTkKeNzqoRpf+Hw==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.08,161,1712646000"; 
   d="scan'208";a="31636523"
X-Received: from qingyush-mobl.ccr.corp.intel.com ([10.124.41.127])
  by orviesa007.jf.intel.com with ESMTP; 15 May 2024 05:58:34 -0700
From: "Qingyu" <qingyu.shang@intel.com>
To: devel@edk2.groups.io
Cc: Qingyu <qingyu.shang@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Yi Li <yi1.li@intel.com>
Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix bug for correct return value checking when get X509Cert
Date: Wed, 15 May 2024 20:58:20 +0800
Message-ID: <feae13434aceb2273155d99645d8b23569b5a7bc.1715777637.git.qingyu.shang@intel.com>
In-Reply-To: <cover.1715777637.git.qingyu.shang@intel.com>
References: <cover.1715777637.git.qingyu.shang@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Wed, 15 May 2024 05:58:36 -0700
Resent-From: qingyu.shang@intel.com
Reply-To: devel@edk2.groups.io,qingyu.shang@intel.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: UuAfBvJMVIX5mu1Gnz79hAAKx7686176AA=
Content-Transfer-Encoding: 8bit
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240206 header.b=fPGuUYEh;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io

From: Qingyu <qingyu.shang@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509

CryptX509.c file has X509GetTBSCert() funtion and it is added Inf variable
to collect the return value of ASN1_get_object(), which return 0x80 in error
case. Supplement the return value check during the second function call
and correct the check logic.

Signed-off-by: Qingyu <qingyu.shang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Yi Li <yi1.li@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63ee..7ebec9dbad5b 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
   Length = 0;
   Inf    = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);
 
-  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+  if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
     return FALSE;
   }
 
   *TBSCert = (UINT8 *)Temp;
 
-  ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
+  Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
   //
   // Verify the parsed TBSCertificate is one correct SEQUENCE data.
   //
-  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+  if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
     return FALSE;
   }
 
-- 
2.44.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118919): https://edk2.groups.io/g/devel/message/118919
Mute This Topic: https://groups.io/mt/106113214/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-