I think I have given R-B. If no, then Reviewed-by: Jiewen Yao <jiewen....@intel.com>
> -----Original Message----- > From: Wu, Hao A <hao.a...@intel.com> > Sent: Thursday, July 29, 2021 4:23 PM > To: devel@edk2.groups.io; xiewen...@huawei.com; Wang, Jian J > <jian.j.w...@intel.com> > Cc: songdongku...@huawei.com; Yao, Jiewen <jiewen....@intel.com>; Laszlo > Ersek <ler...@redhat.com> > Subject: RE: [edk2-devel] [PATCH EDK2 v2 1/1] SecurityPkg/FvReportPei: remove > redundant sizeof > > > -----Original Message----- > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of > > wenyi,xie via groups.io > > Sent: Thursday, July 29, 2021 3:45 PM > > To: devel@edk2.groups.io; Wang, Jian J <jian.j.w...@intel.com>; Wu, Hao A > > <hao.a...@intel.com> > > Cc: songdongku...@huawei.com; xiewen...@huawei.com; Yao, Jiewen > > <jiewen....@intel.com>; Laszlo Ersek <ler...@redhat.com> > > Subject: [edk2-devel] [PATCH EDK2 v2 1/1] SecurityPkg/FvReportPei: remove > > redundant sizeof > > > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3333 > > > > In function InstallPreHashFvPpi, when calculating the size > > of struct HASH_INFOļ¼sizeof is used twice. This bug does > > not lead to buffer overflow, "sizeof (HASH_INFO)" is 4, > > whereas "sizeof (sizeof (HASH_INFO))" is 4 or 8. > > > Thanks. > Reviewed-by: Hao A Wu <hao.a...@intel.com> > > I will wait a couple days before merging to see if any additional comment from > other reviewers. > > Best Regards, > Hao Wu > > > > > > Cc: Jiewen Yao <jiewen....@intel.com> > > Cc: Jian J Wang <jian.j.w...@intel.com> > > Cc: Laszlo Ersek <ler...@redhat.com> > > Signed-off-by: Wenyi Xie <xiewen...@huawei.com> > > Reviewed-by: Laszlo Ersek <ler...@redhat.com> > > --- > > SecurityPkg/FvReportPei/FvReportPei.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/SecurityPkg/FvReportPei/FvReportPei.c > > b/SecurityPkg/FvReportPei/FvReportPei.c > > index d709760ea3ce..e82413e090c0 100644 > > --- a/SecurityPkg/FvReportPei/FvReportPei.c > > +++ b/SecurityPkg/FvReportPei/FvReportPei.c > > @@ -67,7 +67,7 @@ InstallPreHashFvPpi ( > > HASH_INFO *HashInfo; > > > > PpiSize = sizeof > > (EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI) > > - + sizeof (sizeof (HASH_INFO)) > > + + sizeof (HASH_INFO) > > + HashSize; > > > > PreHashedFvPpi = AllocatePool (PpiSize); > > -- > > 2.20.1.windows.1 > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#78354): https://edk2.groups.io/g/devel/message/78354 Mute This Topic: https://groups.io/mt/84523794/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-