+Srinivasan Mani, +Prarthana Sagar, +Gayathri Thunuguntla -----Original Message----- From: Li, Yi1 <yi1...@intel.com> Sent: Sunday, May 19, 2024 6:41 PM To: Sountharya N <sounthar...@ami.com> Cc: Yao, Jiewen <jiewen....@intel.com>; devel@edk2.groups.io; Li, Yi1 <yi1...@intel.com>; Shang, Qingyu <qingyu.sh...@intel.com> Subject: [EXTERNAL] RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix bug for correct return value checking when get X509Cert
**CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance.** Hi @sounthar...@ami.com, I already asked Qingyu to help raise patch. Will merge it after hard freeze. Thanks, Yi -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Li, Yi Sent: Wednesday, May 15, 2024 11:32 PM To: devel@edk2.groups.io; Shang, Qingyu <qingyu.sh...@intel.com> Cc: Yao, Jiewen <jiewen....@intel.com> Subject: Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix bug for correct return value checking when get X509Cert Looks good to me. Reviewed-by: Yi Li <yi1...@intel.com> We are in Hard Freeze phase, will push it after freeze. Thanks. -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Qingyu Sent: Wednesday, May 15, 2024 8:58 PM To: devel@edk2.groups.io Cc: Shang, Qingyu <qingyu.sh...@intel.com>; Yao, Jiewen <jiewen....@intel.com>; Li, Yi1 <yi1...@intel.com> Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix bug for correct return value checking when get X509Cert From: Qingyu <qingyu.sh...@intel.com> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509 CryptX509.c file has X509GetTBSCert() funtion and it is added Inf variable to collect the return value of ASN1_get_object(), which return 0x80 in error case. Supplement the return value check during the second function call and correct the check logic. Signed-off-by: Qingyu <qingyu.sh...@intel.com> Cc: Jiewen Yao <jiewen....@intel.com> Cc: Yi Li <yi1...@intel.com> --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 1182323b63ee..7ebec9dbad5b 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length = 0; Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert = (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); + Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int + *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } -- 2.44.0.windows.1 -The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119109): https://edk2.groups.io/g/devel/message/119109 Mute This Topic: https://groups.io/mt/106113214/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
