[edk2-devel] [PATCH v2] OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling

Laszlo Ersek posted 1 patch 4 years, 6 months ago
Failed in applying to current master (apply log)
OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
[edk2-devel] [PATCH v2] OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling
Posted by Laszlo Ersek 4 years, 6 months ago
Since commit 35e242b698cd ("MdePkg/BaseLib: rewrite Base64Decode()",
2019-07-16), Base64Decode() guarantees that DestinationSize is larger on
output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean
up the retval handling for the first Base64Decode() call in
EnrollDefaultKeys, which used to work around the ambiguity in the previous
Base64Decode() interface contract.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1981
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
---

Notes:
    v2:
    
    - Repo:   https://github.com/lersek/edk2.git
      Branch: enroll_base64_cleanup_bz1981_v2
    
    - pick up Phil's R-b:
      http://mid.mail-archive.com/d7e733d7-d32f-02ec-98ec-c121d6b406e0@redhat.com
      https://edk2.groups.io/g/devel/message/43771
    
    - update BZ reference from TianoCore#1891 to TianoCore#1981 (due to the
      patch being split off of the original series linked at
      <https://bugzilla.tianocore.org/show_bug.cgi?id=1891#c7>:
      <http://mid.mail-archive.com/20190702102836.27589-1-lersek@redhat.com>)
    
    - refer to the specific commit hash of patch "MdePkg/BaseLib: rewrite
      Base64Decode()" in the commit message
    
    - no code changes

 OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
index f45cb799f726..302b80d97720 100644
--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
@@ -153,16 +153,10 @@ GetPkKek1 (
   DecodedCertSize = 0;
   Status = Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCertSize);
   switch (Status) {
   case EFI_BUFFER_TOO_SMALL:
-    if (DecodedCertSize > 0) {
-      break;
-    }
-    //
-    // Fall through: the above Base64Decode() call is ill-specified in BaseLib
-    // if Source decodes to zero bytes (for example if it consists of ignored
-    // whitespace only).
-    //
+    ASSERT (DecodedCertSize > 0);
+    break;
   case EFI_SUCCESS:
     AsciiPrint ("error: empty certificate after app prefix %g\n",
       &gOvmfPkKek1AppPrefixGuid);
     return EFI_PROTOCOL_ERROR;
-- 
2.19.1.3.g30247aa5d201


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#46758): https://edk2.groups.io/g/devel/message/46758
Mute This Topic: https://groups.io/mt/33135849/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2] OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling
Posted by Ard Biesheuvel 4 years, 6 months ago
On Wed, 4 Sep 2019 at 00:52, Laszlo Ersek <lersek@redhat.com> wrote:
>
> Since commit 35e242b698cd ("MdePkg/BaseLib: rewrite Base64Decode()",
> 2019-07-16), Base64Decode() guarantees that DestinationSize is larger on
> output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean
> up the retval handling for the first Base64Decode() call in
> EnrollDefaultKeys, which used to work around the ambiguity in the previous
> Base64Decode() interface contract.
>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1981
> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>

Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

> ---
>
> Notes:
>     v2:
>
>     - Repo:   https://github.com/lersek/edk2.git
>       Branch: enroll_base64_cleanup_bz1981_v2
>
>     - pick up Phil's R-b:
>       http://mid.mail-archive.com/d7e733d7-d32f-02ec-98ec-c121d6b406e0@redhat.com
>       https://edk2.groups.io/g/devel/message/43771
>
>     - update BZ reference from TianoCore#1891 to TianoCore#1981 (due to the
>       patch being split off of the original series linked at
>       <https://bugzilla.tianocore.org/show_bug.cgi?id=1891#c7>:
>       <http://mid.mail-archive.com/20190702102836.27589-1-lersek@redhat.com>)
>
>     - refer to the specific commit hash of patch "MdePkg/BaseLib: rewrite
>       Base64Decode()" in the commit message
>
>     - no code changes
>
>  OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++--------
>  1 file changed, 2 insertions(+), 8 deletions(-)
>
> diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
> index f45cb799f726..302b80d97720 100644
> --- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
> +++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
> @@ -153,16 +153,10 @@ GetPkKek1 (
>    DecodedCertSize = 0;
>    Status = Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCertSize);
>    switch (Status) {
>    case EFI_BUFFER_TOO_SMALL:
> -    if (DecodedCertSize > 0) {
> -      break;
> -    }
> -    //
> -    // Fall through: the above Base64Decode() call is ill-specified in BaseLib
> -    // if Source decodes to zero bytes (for example if it consists of ignored
> -    // whitespace only).
> -    //
> +    ASSERT (DecodedCertSize > 0);
> +    break;
>    case EFI_SUCCESS:
>      AsciiPrint ("error: empty certificate after app prefix %g\n",
>        &gOvmfPkKek1AppPrefixGuid);
>      return EFI_PROTOCOL_ERROR;
> --
> 2.19.1.3.g30247aa5d201
>

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#46809): https://edk2.groups.io/g/devel/message/46809
Mute This Topic: https://groups.io/mt/33135849/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2] OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling
Posted by Laszlo Ersek 4 years, 6 months ago
On 09/04/19 14:37, Ard Biesheuvel wrote:
> On Wed, 4 Sep 2019 at 00:52, Laszlo Ersek <lersek@redhat.com> wrote:
>>
>> Since commit 35e242b698cd ("MdePkg/BaseLib: rewrite Base64Decode()",
>> 2019-07-16), Base64Decode() guarantees that DestinationSize is larger on
>> output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean
>> up the retval handling for the first Base64Decode() call in
>> EnrollDefaultKeys, which used to work around the ambiguity in the previous
>> Base64Decode() interface contract.
>>
>> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
>> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1981
>> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
>> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
> 
> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Pushed as commit 59b754c9f697.

Thanks everyone!
Laszlo

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#46931): https://edk2.groups.io/g/devel/message/46931
Mute This Topic: https://groups.io/mt/33135849/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-