Re: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob()
On Thu, 11 Jan 2024 at 09:35, Guo, Gua wrote: > > CC: @Mathews, John and @Zimmer, Vincent > > Hi @Gerd Hoffmann > > My company teammate share me your patch can resolved > https://bugzilla.tianocore.org/show_bug.cgi?id=4166. So the signed-off name > is your name. > Again, a signed-off-by line is *not* a statement of authorship. You *cannot* add it on someone else's behalf if you want to credit the author. A signed-off-by line is a statement by the contributor of the code to indicate that the contributed code is made available under conditions that are in agreement with the open source license of the project. If you want to credit the author, you can mention their name in the commit log, or add some other tag (authored-by, for example). If you want to contribute code by another author, and you know you are able to do so under the terms, you should indicate so by adding your own signed-off line to the patch. Thanks, Ard. > If you have any concern, you can also share for me, if you don't have concern > please also let me know, before merging it. > > It's PR https://github.com/tianocore/edk2/pull/5252/ > > Thanks, > Gua > -Original Message- > From: devel@edk2.groups.io On Behalf Of Guo, Gua > Sent: Thursday, January 11, 2024 1:15 PM > To: devel@edk2.groups.io > Cc: Guo, Gua > Subject: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() > > From: Gua Guo > > Fix Integer Overflow for CVE-2022-36765 > 1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. > StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: > Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in > CreateHob() > > > Gerd Hoffmann (4): > UefiPayloadPkg/Hob: Integer Overflow in CreateHob() > StandaloneMmPkg/Hob: Integer Overflow in CreateHob() > EmbeddedPkg/Hob: Integer Overflow in CreateHob() > MdeModulePkg/Hob: Integer Overflow in CreateHob() > > EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++ > MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +- > .../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++ > UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++ > 4 files changed, 19 insertions(+), 1 deletion(-) > > -- > 2.39.2.windows.1 > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113594): https://edk2.groups.io/g/devel/message/113594 Mute This Topic: https://groups.io/mt/103657270/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob()
CC: @Mathews, John and @Zimmer, Vincent Hi @Gerd Hoffmann My company teammate share me your patch can resolved https://bugzilla.tianocore.org/show_bug.cgi?id=4166. So the signed-off name is your name. If you have any concern, you can also share for me, if you don't have concern please also let me know, before merging it. It's PR https://github.com/tianocore/edk2/pull/5252/ Thanks, Gua -Original Message- From: devel@edk2.groups.io On Behalf Of Guo, Gua Sent: Thursday, January 11, 2024 1:15 PM To: devel@edk2.groups.io Cc: Guo, Gua Subject: [edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob() From: Gua Guo Fix Integer Overflow for CVE-2022-36765 1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in CreateHob() Gerd Hoffmann (4): UefiPayloadPkg/Hob: Integer Overflow in CreateHob() StandaloneMmPkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Hob: Integer Overflow in CreateHob() MdeModulePkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++ MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +- .../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++ UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++ 4 files changed, 19 insertions(+), 1 deletion(-) -- 2.39.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113593): https://edk2.groups.io/g/devel/message/113593 Mute This Topic: https://groups.io/mt/103657270/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 0/4] Bz4166: Integer Overflow in CreateHob()
From: Gua Guo Fix Integer Overflow for CVE-2022-36765 1. UefiPayloadPkg/Hob: Integer Overflow in CreateHob() 2. StandaloneMmPkg/Hob: Integer Overflow in CreateHob() 3. EmbeddedPkg/Hob: Integer Overflow in CreateHob() 4. MdeModulePkg/Hob: Integer Overflow in CreateHob() Gerd Hoffmann (4): UefiPayloadPkg/Hob: Integer Overflow in CreateHob() StandaloneMmPkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Hob: Integer Overflow in CreateHob() MdeModulePkg/Hob: Integer Overflow in CreateHob() EmbeddedPkg/Library/PrePiHobLib/Hob.c | 6 ++ MdeModulePkg/Core/Pei/Hob/Hob.c | 2 +- .../StandaloneMmCoreHobLib/Arm/StandaloneMmCoreHobLib.c | 6 ++ UefiPayloadPkg/Library/PayloadEntryHobLib/Hob.c | 6 ++ 4 files changed, 19 insertions(+), 1 deletion(-) -- 2.39.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113576): https://edk2.groups.io/g/devel/message/113576 Mute This Topic: https://groups.io/mt/103657270/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
