From: "Laszlo Ersek"
To: edk2-devel-groups-io
Cc: David Woodhouse, Jian J Wang, Jiaxin Wu, Sivaraman Nainar, Xiaoyu Lu
Subject: [edk2-devel] [PATCH v2 5/8] CryptoPkg/Crt: import "inet_pton.c" (CVE-2019-14553)
Date: Sat, 26 Oct 2019 07:37:16 +0200
Message-Id: <20191026053719.10453-6-lersek@redhat.com>
In-Reply-To: <20191026053719.10453-1-lersek@redhat.com>
References: <20191026053719.10453-1-lersek@redhat.com>

For TianoCore BZ#1734, StdLib has been moved from the edk2 project to the
edk2-libc project, in commit 964f432b9b0a ("edk2: Remove AppPkg, StdLib,
StdLibPrivateInternalFiles", 2019-04-29).

We'd like to use the inet_pton() function in CryptoPkg. Resurrect the
"inet_pton.c" file from just before the StdLib removal, as follows:

  $ git show \
      964f432b9b0a^:StdLib/BsdSocketLib/inet_pton.c \
      > CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c

The inet_pton() function is only intended for the DXE phase at this time,
therefore only the "BaseCryptLib" instance INF file receives the new file.

Cc: David Woodhouse
Cc: Jian J Wang
Cc: Jiaxin Wu
Cc: Sivaraman Nainar
Cc: Xiaoyu Lu
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
Signed-off-by: Laszlo Ersek
Reviewed-by: Jian J Wang
---

Notes:
    v2:
    - new patch

 CryptoPkg/Library/Include/CrtLibSupport.h          |   1 +
 CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf    |   1 +
 CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c | 257 ++++++++++++++++++++
 3 files changed, 259 insertions(+)

diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/= Include/CrtLibSupport.h index e603fad763f9..5a20ba636fff 100644 --- a/CryptoPkg/Library/Include/CrtLibSupport.h +++ b/CryptoPkg/Library/Include/CrtLibSupport.h @@ -191,8 +191,9 @@ char *secure_getenv (const char *); void abort (void) __attribute__((__noreturn__)); #else void abort (void); #endif +int inet_pton (int, const char *, void *); =20 // // Macros that directly map functions to BaseLib, BaseMemoryLib, and Debug= Lib functions // diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Li= brary/BaseCryptLib/BaseCryptLib.inf index a98be2cd9590..dc9e6e5d45f9 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -57,8 +57,9 @@ [Sources] =20 SysCall/CrtWrapper.c SysCall/TimerWrapper.c SysCall/BaseMemAllocation.c + SysCall/inet_pton.c =20 [Sources.Ia32] Rand/CryptRandTsc.c =20 diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c b/CryptoPkg= /Library/BaseCryptLib/SysCall/inet_pton.c new file mode 100644 index 000000000000..32e1ab8690e6 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c
@@ -0,0 +1,257 @@ +/* Copyright (c) 1996 by Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCL= AIMS + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRA= NTIES + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE + * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS + * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF = THIS + * SOFTWARE. + */ + +/* + * Portions copyright (c) 1999, 2000 + * Intel Corporation. + * All rights reserved. + *=20 + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + *=20 + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + *=20 + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + *=20 + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + *=20 + * This product includes software developed by Intel Corporation and + * its contributors. + *=20 + * 4. Neither the name of Intel Corporation or its contributors may be + * used to endorse or promote products derived from this software + * without specific prior written permission. 
+ *=20 + * THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION AND CONTRIBUTORS ``AS IS= '' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, T= HE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURP= OSE + * ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + *=20 + */ + +#if defined(LIBC_SCCS) && !defined(lint) +static char rcsid[] =3D "$Id: inet_pton.c,v 1.1.1.1 2003/11/19 01:51:30 ky= u3 Exp $"; +#endif /* LIBC_SCCS and not lint */ + +#include +#include +#include +#include +#include +#include +#include +#include + +/* + * WARNING: Don't even consider trying to compile this on a system where + * sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX. + */ + +static int inet_pton4 (const char *src, u_char *dst); +static int inet_pton6 (const char *src, u_char *dst); + +/* int + * inet_pton(af, src, dst) + * convert from presentation format (which usually means ASCII printable) + * to network format (which is usually some kind of binary format). + * return: + * 1 if the address was valid for the specified address family + * 0 if the address wasn't valid (`dst' is untouched in this case) + * -1 if some other error occurred (`dst' is untouched in this case, too) + * author: + * Paul Vixie, 1996. 
+ */ +int +inet_pton( + int af, + const char *src, + void *dst + ) +{ + switch (af) { + case AF_INET: + return (inet_pton4(src, dst)); + case AF_INET6: + return (inet_pton6(src, dst)); + default: + errno =3D EAFNOSUPPORT; + return (-1); + } + /* NOTREACHED */ +} + +/* int + * inet_pton4(src, dst) + * like inet_aton() but without all the hexadecimal and shorthand. + * return: + * 1 if `src' is a valid dotted quad, else 0. + * notice: + * does not touch `dst' unless it's returning 1. + * author: + * Paul Vixie, 1996. + */ +static int +inet_pton4( + const char *src, + u_char *dst + ) +{ + static const char digits[] =3D "0123456789"; + int saw_digit, octets, ch; + u_char tmp[NS_INADDRSZ], *tp; + + saw_digit =3D 0; + octets =3D 0; + *(tp =3D tmp) =3D 0; + while ((ch =3D *src++) !=3D '\0') { + const char *pch; + + if ((pch =3D strchr(digits, ch)) !=3D NULL) { + u_int new =3D *tp * 10 + (u_int)(pch - digits); + + if (new > 255) + return (0); + *tp =3D (u_char)new; + if (! saw_digit) { + if (++octets > 4) + return (0); + saw_digit =3D 1; + } + } else if (ch =3D=3D '.' && saw_digit) { + if (octets =3D=3D 4) + return (0); + *++tp =3D 0; + saw_digit =3D 0; + } else + return (0); + } + if (octets < 4) + return (0); + + memcpy(dst, tmp, NS_INADDRSZ); + return (1); +} + +/* int + * inet_pton6(src, dst) + * convert presentation level address to network order binary form. + * return: + * 1 if `src' is a valid [RFC1884 2.2] address, else 0. + * notice: + * (1) does not touch `dst' unless it's returning 1. + * (2) :: in a full address is silently ignored. + * credit: + * inspired by Mark Andrews. + * author: + * Paul Vixie, 1996. 
+ */ +static int +inet_pton6( + const char *src, + u_char *dst + ) +{ + static const char xdigits_l[] =3D "0123456789abcdef", + xdigits_u[] =3D "0123456789ABCDEF"; + u_char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp; + const char *xdigits, *curtok; + int ch, saw_xdigit; + u_int val; + + memset((tp =3D tmp), '\0', NS_IN6ADDRSZ); + endp =3D tp + NS_IN6ADDRSZ; + colonp =3D NULL; + /* Leading :: requires some special handling. */ + if (*src =3D=3D ':') + if (*++src !=3D ':') + return (0); + curtok =3D src; + saw_xdigit =3D 0; + val =3D 0; + while ((ch =3D *src++) !=3D '\0') { + const char *pch; + + if ((pch =3D strchr((xdigits =3D xdigits_l), ch)) =3D=3D NULL) + pch =3D strchr((xdigits =3D xdigits_u), ch); + if (pch !=3D NULL) { + val <<=3D 4; + val |=3D (pch - xdigits); + if (val > 0xffff) + return (0); + saw_xdigit =3D 1; + continue; + } + if (ch =3D=3D ':') { + curtok =3D src; + if (!saw_xdigit) { + if (colonp) + return (0); + colonp =3D tp; + continue; + } + if (tp + NS_INT16SZ > endp) + return (0); + *tp++ =3D (u_char) (val >> 8) & 0xff; + *tp++ =3D (u_char) val & 0xff; + saw_xdigit =3D 0; + val =3D 0; + continue; + } + if (ch =3D=3D '.' && ((tp + NS_INADDRSZ) <=3D endp) && + inet_pton4(curtok, tp) > 0) { + tp +=3D NS_INADDRSZ; + saw_xdigit =3D 0; + break; /* '\0' was seen by inet_pton4(). */ + } + return (0); + } + if (saw_xdigit) { + if (tp + NS_INT16SZ > endp) + return (0); + *tp++ =3D (u_char) (val >> 8) & 0xff; + *tp++ =3D (u_char) val & 0xff; + } + if (colonp !=3D NULL) { + /* + * Since some memmove()'s erroneously fail to handle + * overlapping regions, we'll do the shift by hand. + */ + const int n =3D (int)(tp - colonp); + int i; + + for (i =3D 1; i <=3D n; i++) { + endp[- i] =3D colonp[n - i]; + colonp[n - i] =3D 0; + } + tp =3D endp; + } + if (tp !=3D endp) + return (0); + memcpy(dst, tmp, NS_IN6ADDRSZ); + return (1); +} --=20 2.19.1.3.g30247aa5d201 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. 
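
Review bot: In the CrtLibSupport.h hunk, the new prototype `int inet_pton (int, const char *, void *);` becomes visible to every library instance that includes this header, while the BaseCryptLib.inf hunk adds SysCall/inet_pton.c to that one INF only. A call from any other instance would compile and only fail at link time, so a one-line comment above the declaration stating that the function is implemented for the BaseCryptLib instance alone would put the intent from the commit message into the header. The prototype also sits directly under the `#endif` that closes the two abort() variants with no separating blank line, which makes it read as part of that conditional block.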
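
Review bot: In the inet_pton.c hunk, the `colonp` fix-up block at the end of inet_pton6() has no `tp == endp` check before the hand-written shift, so an input that already supplies eight groups and also contains "::" is accepted with altered contents rather than rejected. In that case n equals endp - colonp, so `endp[- i]` and `colonp[n - i]` refer to the same byte and the loop zeroes everything after the "::" position: "1:2:3:4::5:6:7:8" returns 1 with the last four groups cleared, which is not what notice (2) in the function comment ("silently ignored") describes. Suggest adding `if (tp == endp) return (0);` ahead of the loop, or correcting the notice if the behaviour is to stay as imported. As a smaller point in the same function, `(u_char) (val >> 8) & 0xff` applies the cast before the mask; writing `(u_char) ((val >> 8) & 0xff)` states the intent and keeps the assigned expression of type u_char.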