OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-)
Since commit 35e242b698cd ("MdePkg/BaseLib: rewrite Base64Decode()",
2019-07-16), Base64Decode() guarantees that DestinationSize is larger on
output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean
up the retval handling for the first Base64Decode() call in
EnrollDefaultKeys, which used to work around the ambiguity in the previous
Base64Decode() interface contract.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1981
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
---
Notes:
v2:
- Repo: https://github.com/lersek/edk2.git
Branch: enroll_base64_cleanup_bz1981_v2
- pick up Phil's R-b:
http://mid.mail-archive.com/d7e733d7-d32f-02ec-98ec-c121d6b406e0@redhat.com
https://edk2.groups.io/g/devel/message/43771
- update BZ reference from TianoCore#1891 to TianoCore#1981 (due to the
patch being split off of the original series linked at
<https://bugzilla.tianocore.org/show_bug.cgi?id=1891#c7>:
<http://mid.mail-archive.com/20190702102836.27589-1-lersek@redhat.com>)
- refer to the specific commit hash of patch "MdePkg/BaseLib: rewrite
Base64Decode()" in the commit message
- no code changes
OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
index f45cb799f726..302b80d97720 100644
--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
@@ -153,16 +153,10 @@ GetPkKek1 (
DecodedCertSize = 0;
Status = Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCertSize);
switch (Status) {
case EFI_BUFFER_TOO_SMALL:
- if (DecodedCertSize > 0) {
- break;
- }
- //
- // Fall through: the above Base64Decode() call is ill-specified in BaseLib
- // if Source decodes to zero bytes (for example if it consists of ignored
- // whitespace only).
- //
+ ASSERT (DecodedCertSize > 0);
+ break;
case EFI_SUCCESS:
AsciiPrint ("error: empty certificate after app prefix %g\n",
&gOvmfPkKek1AppPrefixGuid);
return EFI_PROTOCOL_ERROR;
--
2.19.1.3.g30247aa5d201
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#46758): https://edk2.groups.io/g/devel/message/46758
Mute This Topic: https://groups.io/mt/33135849/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
On Wed, 4 Sep 2019 at 00:52, Laszlo Ersek <lersek@redhat.com> wrote: > > Since commit 35e242b698cd ("MdePkg/BaseLib: rewrite Base64Decode()", > 2019-07-16), Base64Decode() guarantees that DestinationSize is larger on > output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean > up the retval handling for the first Base64Decode() call in > EnrollDefaultKeys, which used to work around the ambiguity in the previous > Base64Decode() interface contract. > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> > Cc: Jordan Justen <jordan.l.justen@intel.com> > Cc: Philippe Mathieu-Daudé <philmd@redhat.com> > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1981 > Signed-off-by: Laszlo Ersek <lersek@redhat.com> > Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> > --- > > Notes: > v2: > > - Repo: https://github.com/lersek/edk2.git > Branch: enroll_base64_cleanup_bz1981_v2 > > - pick up Phil's R-b: > http://mid.mail-archive.com/d7e733d7-d32f-02ec-98ec-c121d6b406e0@redhat.com > https://edk2.groups.io/g/devel/message/43771 > > - update BZ reference from TianoCore#1891 to TianoCore#1981 (due to the > patch being split off of the original series linked at > <https://bugzilla.tianocore.org/show_bug.cgi?id=1891#c7>: > <http://mid.mail-archive.com/20190702102836.27589-1-lersek@redhat.com>) > > - refer to the specific commit hash of patch "MdePkg/BaseLib: rewrite > Base64Decode()" in the commit message > > - no code changes > > OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++-------- > 1 file changed, 2 insertions(+), 8 deletions(-) > > diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c > index f45cb799f726..302b80d97720 100644 > --- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c > +++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c > @@ -153,16 +153,10 @@ GetPkKek1 ( > DecodedCertSize = 0; > Status = Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCertSize); > switch (Status) { > case EFI_BUFFER_TOO_SMALL: > - if (DecodedCertSize > 0) { > - break; > - } > - // > - // Fall through: the above Base64Decode() call is ill-specified in BaseLib > - // if Source decodes to zero bytes (for example if it consists of ignored > - // whitespace only). > - // > + ASSERT (DecodedCertSize > 0); > + break; > case EFI_SUCCESS: > AsciiPrint ("error: empty certificate after app prefix %g\n", > &gOvmfPkKek1AppPrefixGuid); > return EFI_PROTOCOL_ERROR; > -- > 2.19.1.3.g30247aa5d201 > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#46809): https://edk2.groups.io/g/devel/message/46809 Mute This Topic: https://groups.io/mt/33135849/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
On 09/04/19 14:37, Ard Biesheuvel wrote: > On Wed, 4 Sep 2019 at 00:52, Laszlo Ersek <lersek@redhat.com> wrote: >> >> Since commit 35e242b698cd ("MdePkg/BaseLib: rewrite Base64Decode()", >> 2019-07-16), Base64Decode() guarantees that DestinationSize is larger on >> output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean >> up the retval handling for the first Base64Decode() call in >> EnrollDefaultKeys, which used to work around the ambiguity in the previous >> Base64Decode() interface contract. >> >> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> >> Cc: Jordan Justen <jordan.l.justen@intel.com> >> Cc: Philippe Mathieu-Daudé <philmd@redhat.com> >> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1981 >> Signed-off-by: Laszlo Ersek <lersek@redhat.com> >> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com> > > Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Pushed as commit 59b754c9f697. Thanks everyone! Laszlo -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#46931): https://edk2.groups.io/g/devel/message/46931 Mute This Topic: https://groups.io/mt/33135849/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.