From nobody Sun May 19 02:26:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+97926+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+97926+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1672822937; cv=none; d=zohomail.com; s=zohoarc; b=oDI4mVJHgLPBjRV4UaVFgIjc0OzQ5CtbcQ4aICaLS2C0TkP/OBY8fuJppanwyUuj02hTrAxSeY8yLwWsJieSH2Zz3dCyFfeV43yQDeJ2Z8O8CnbB/HDJMLwQbgWyB2Fy5O1uo2Epdw9UYQ4849/60RyQ0HyJ5Ecfr9QMw0jAyf4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1672822937; h=Content-Type:Date:From:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Sender:Subject:To; bh=y8czdSZZBz8vzg+MbYI2XmZe0e2TJhUJqye24ohswVc=; b=e4q5Ewu6P9dgsQ2hsTLIyPNAiWib4/AICE7UPCDoF23Kud+5U6iocvVNFyorrqhy+2AX77+fPG4atqDrq3IDkCHurCBpR2MRhShu9QBU6WLejyc2SfWBqoBd/d3cBz1QBwr6cI7xSBrPbmCYgj5KTDrN/qtTqFodGe182cWB4V4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+97926+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1672822937726283.8521482448971; Wed, 4 Jan 2023 01:02:17 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id ztvzYY1788612xa6NFsOdBae; Wed, 04 Jan 2023 01:02:17 -0800 Subject: [edk2-devel] [PATCH] SecurityPkg/Library/HashLibBaseCryptoRouter: Fix NULL_RETURNS Coverity issue To: devel@edk2.groups.io From: "Ranbir Singh via groups.io" X-Originating-Location: Bengaluru, Karnataka, IN (122.172.85.38) X-Originating-Platform: Windows Chrome 108 User-Agent: GROUPS.IO Web Poster MIME-Version: 1.0 Date: Wed, 04 Jan 2023 01:02:16 -0800 Message-ID: Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,Ranbir.Singh3@Dell.com X-Gm-Message-State: YiENHgEWzGcFkDi9KTkdagevx1787277AA= Content-Type: multipart/alternative; boundary="S6FY69ikGJnfR4yTSY3u" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1672822937; bh=y7FGT77AWHQQUXaNzc5QWQPYAMi9LqXCNVLgHhY6mig=; h=Content-Type:Date:From:Reply-To:Subject:To; b=oHe7lZu+HFsY5INwNu3pldYiQVVTj34aefZYgxPM+pWu2Y7dUSpSQatohcQZROncvVS WbIotdykqd25EmdGYw0loTjD53CmRD1D9ATkKmpUM5HAXox7qGzZsmA+2P+Qix1PzajwZ UYz4xyVyGLFcIa1JXtg4YpWCm7Pt36xdVWI= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1672822939063100001 --S6FY69ikGJnfR4yTSY3u Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 In file SecurityPkg/Library/HashLibBaseCryptoRouter/ HashLibBaseCryptoRouterPei.c, the function CheckSupportedHashMaskMismatch calls InternalGetHashInterfaceHob and stores return value in HashInterfaceHobLast. Thereafter, it does ASSERT (HashInterfaceHobLast !=3D NULL); but this comes into play only in DEBUG mode. In Release mode, the code continues to proceed to dereferencing "HashInterfaceHobLast" which will lead to CRASH if HashInterfaceHobLast is NULL. Hence, for safety add HashInterfaceHobLast NULL pointer check before accessing further field values. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4225 Signed-off-by: Ranbir Singh --- .../HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c=C2=A0 =C2=A0 =C2= =A0 =C2=A0| 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerPei.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerPei.c index eeb424b6c3..0c8315ed03 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPe= i.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPe= i.c @@ -108,7 +108,8 @@ CheckSupportedHashMaskMismatch ( HashInterfaceHobLast =3D InternalGetHashInterfaceHob (&gZeroGuid); ASSERT (HashInterfaceHobLast !=3D NULL); -=C2=A0 if ((HashInterfaceHobLast->SupportedHashMask !=3D 0) && +=C2=A0 if ((HashInterfaceHobLast !=3D NULL) && +=C2=A0 =C2=A0 =C2=A0 (HashInterfaceHobLast->SupportedHashMask !=3D 0) && (HashInterfaceHobCurrent->SupportedHashMask !=3D HashInterfaceHobLast->Supp= ortedHashMask)) { DEBUG (( -- 2.36.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#97926): https://edk2.groups.io/g/devel/message/97926 Mute This Topic: https://groups.io/mt/96046920/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- --S6FY69ikGJnfR4yTSY3u Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable
In file SecurityPkg/Library/HashLibBaseCryptoRouter/
HashLibBaseCryptoRouterPei.c, the function
CheckSupportedHashMaskMismatch calls InternalGetHashInterfaceHob and
stores return value in HashInterfaceHobLast. Thereafter, it does
 
  ASSERT (HashInterfaceHobLast !=3D NULL);
 
but this comes into play only in DEBUG mode. In Release mode, the
code continues to proceed to dereferencing "HashInterfaceHobLast"
which will lead to CRASH if HashInterfaceHobLast is NULL.
 
Hence, for safety add HashInterfaceHobLast NULL pointer check before
accessing further field values.
 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4225
Signed-off-by: Ranbir Singh <Ranbir.Singh3@Dell.com>
---
 .../HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c  &= nbsp;    | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
 
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCr= yptoRouterPei.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCr= yptoRouterPei.c
index eeb424b6c3..0c8315ed03 100644
--- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRou= terPei.c
+++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRou= terPei.c
@@ -108,7 +108,8 @@ CheckSupportedHashMaskMismatch (
   HashInterfaceHobLast =3D InternalGetHashInterfaceHob (&am= p;gZeroGuid);
   ASSERT (HashInterfaceHobLast !=3D NULL);
 
-  if ((HashInterfaceHobLast->SupportedHashMask !=3D 0) &&= amp;
+  if ((HashInterfaceHobLast !=3D NULL) &&
+      (HashInterfaceHobLast->SupportedHashMask !=3D= 0) &&
       (HashInterfaceHobCurrent->SupportedHashM= ask !=3D HashInterfaceHobLast->SupportedHashMask))
   {
     DEBUG ((
--
2.36.1.windows.1
_._,_._,_
Groups.io Links:

=20 You receive all messages sent to this group. =20 =20

= View/Reply Online (#97926) | =20 | Mute = This Topic | New Topic
Your Subscriptio= n | Contact Group Owner | Unsubscribe [importer@patchew.org]

_._,_._,_
--S6FY69ikGJnfR4yTSY3u--