From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96689+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96689+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743195; cv=none;
	d=zohomail.com; s=zohoarc;
	b=P9RpzAV7cftt37Nq+9sRH1XwYyolhv5ixORN8yWe9gUAC/5RaEiExTUdS4ncjwJk6KR1OzAFN2V4lt8QH9C+Sz8I09xi1AjZb+3ujEjV8i0k+2UAM6+CY9TFvmyNGGeZD2HMWFYIHcBbYIdWGywRgqdXMy07m7+4wHmwlwYE/vk=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743195;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=JdqEBBUKL97vqBqyhhGXx/3AL2Xkew/4ejzD0nSQ6rk=;
	b=jqF5S2w5KKvv9YQm45LGdn57c9289uXSj4Cf/TlX29qVL2QHlg/l+jpyFnUpD1H9sP+GO/HwKRV8dfsYuEqLDJoF9LtwRHRjQpBGAZmoBjKd5bdao7yDcILpTCdIOIs7okIFtmlPdhBx4Agj4EbZ59dOtNynmNasGc3/3dJ5cZQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96689+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743195800135.15068714182496;
 Tue, 29 Nov 2022 09:33:15 -0800 (PST)
Return-Path: <bounce+27952+96689+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id fXbuYY1788612xYjfs6K8faT;
 Tue, 29 Nov 2022 09:33:15 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.157018.1669743194889668786
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:14 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 5601820B6C40;
	Tue, 29 Nov 2022 09:33:13 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 5601820B6C40
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Dandan Bi <dandan.bi@intel.com>,
	Erich McMillan <emcmillan@microsoft.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Star Zeng <star.zeng@intel.com>,
	Zhichao Gao <zhichao.gao@intel.com>,
	Zhiguang Liu <zhiguang.liu@intel.com>,
	Michael Kubacki <michael.kubacki@microsoft.com>
Subject: [edk2-devel] [PATCH v2 01/12] MdeModulePkg/SmbiosDxe: Fix pointer and
 buffer overflow CodeQL alerts
Date: Tue, 29 Nov 2022 12:32:35 -0500
Message-Id: <20221129173246.2182-2-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: eHQfGu3YmHk2QfKiQW7tgUoxx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743195;
 bh=dduo5LC9HW+Fk18cFfX9kt9thgmHycNaOfNWaZywrs0=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=OzqZXYTmWzetduCxnA3hrxMH3KuiLEMdFc/d/QDe6rwM4dB+H2C5nzsFKbF+m8ocvQ0
 mko02UZD8lmSxU9NNSqOD6KlYkkTqxjWOEXUFe9MUaC8Vza3alqJ9hcvBmjtb4pp25+Nt
 dAcZP7D4dZtHX6NP1qSDqZ20l+1FyZrRBJ8=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743196865100002
Content-Type: text/plain; charset="utf-8"

From: Erich McMillan <emcmillan@microsoft.com>

Details for these CodeQL alerts can be found here:

- Pointer overflow check (cpp/pointer-overflow-check):
  - https://cwe.mitre.org/data/definitions/758.html

- Potential buffer overflow check (cpp/potential-buffer-overflow):
  - https://cwe.mitre.org/data/definitions/676.html

CodeQL alert:

  - Line 1612 in MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c
    - Type: Pointer overflow check
    - Severity: Low
    - Problem: Range check relying on pointer overflow

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Co-authored-by: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Erich McMillan <emcmillan@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
 MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c   | 11 ++++++++---
 MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf |  1 +
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c b/MdeModulePkg/Un=
iversal/SmbiosDxe/SmbiosDxe.c
index 1d43adc7662c..c1da2adc296b 100644
--- a/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c
+++ b/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c
@@ -8,6 +8,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
=20
 #include "SmbiosDxe.h"
+#include <Library/SafeIntLib.h>
=20
 //
 // Module Global:
@@ -1594,6 +1595,7 @@ ParseAndAddExistingSmbiosTable (
   CHAR8                     *String;
   EFI_SMBIOS_HANDLE         SmbiosHandle;
   SMBIOS_STRUCTURE_POINTER  SmbiosEnd;
+  UINTN                     SafeIntResult;
=20
   mPrivateData.Smbios.MajorVersion =3D MajorVersion;
   mPrivateData.Smbios.MinorVersion =3D MinorVersion;
@@ -1608,9 +1610,12 @@ ParseAndAddExistingSmbiosTable (
     //
     // Make sure not to access memory beyond SmbiosEnd
     //
-    if ((Smbios.Raw + sizeof (SMBIOS_STRUCTURE) > SmbiosEnd.Raw) ||
-        (Smbios.Raw + sizeof (SMBIOS_STRUCTURE) < Smbios.Raw))
-    {
+    Status =3D SafeUintnAdd ((UINTN)Smbios.Raw, sizeof (SMBIOS_STRUCTURE),=
 &SafeIntResult);
+    if (EFI_ERROR (Status)) {
+      return EFI_INVALID_PARAMETER;
+    }
+
+    if ((SafeIntResult > (UINTN)SmbiosEnd.Raw) || (SafeIntResult < (UINTN)=
Smbios.Raw)) {
       return EFI_INVALID_PARAMETER;
     }
=20
diff --git a/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf b/MdeModulePkg/=
Universal/SmbiosDxe/SmbiosDxe.inf
index c03915a6921f..8b7c74694775 100644
--- a/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf
+++ b/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf
@@ -42,6 +42,7 @@ [LibraryClasses]
   DebugLib
   PcdLib
   HobLib
+  SafeIntLib
=20
 [Protocols]
   gEfiSmbiosProtocolGuid                            ## PRODUCES
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96689): https://edk2.groups.io/g/devel/message/96689
Mute This Topic: https://groups.io/mt/95339694/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96690+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96690+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743198; cv=none;
	d=zohomail.com; s=zohoarc;
	b=MbXW/1mJh1dmS0UYBCjcKr6A7cHA8P2DU8nwl7vSThFR8IpLgiIDALrAzbgw8TQZppfEkb4JnXAs/4pkHJi1arAZfEZvmYB7oiivHl9vFJxKqxnZiElp1naz0ZugfjqdiyZRzxOssFxff3PfH0SAvUyus8LNnVp0z0JjbyRviAY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743198;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=DXfVHzf/79pKHrYIMK/dseifVH8n7HxAwW0Gaxi9xFk=;
	b=gZpsQDdySYFLafxTJa/UAC0O70SM8w/hMkNd2CpKooiNKouHIIkZarrYw5zCIuXH9F4C+qreyIOQfma901TzmtJjPrNrxWahhlyjul0U35m6t8/TlgmTx2chsVfsHILodR1i+/Xn6XLk/PGt/Bd7vMgxtWt6gfgbeRYpKXsBRms=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96690+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743198713547.4929522794677;
 Tue, 29 Nov 2022 09:33:18 -0800 (PST)
Return-Path: <bounce+27952+96690+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id nbhFYY1788612xp5bDGpUCpp;
 Tue, 29 Nov 2022 09:33:18 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.156494.1669743197967137614
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:18 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id BC86E20B717A;
	Tue, 29 Nov 2022 09:33:16 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com BC86E20B717A
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Bob Feng <bob.c.feng@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Yuwei Chen <yuwei.chen@intel.com>
Subject: [edk2-devel] [PATCH v2 02/12] BaseTools/PatchCheck.py: Add PCCTS to
 tab exemption list
Date: Tue, 29 Nov 2022 12:32:36 -0500
Message-Id: <20221129173246.2182-3-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: G2Xb1CcwHSM5EgEp0y3gYvbsx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743198;
 bh=0cQQicML97S4w6ebpGFp8nl5sd7gtI627QGp+/LDsp8=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=BLZ9U0JRWGCKUQLKWqxINR5lQZV/PT9L/QNIJvRUx0Cp1HQP7jEVtpiBYlnaWfszX2S
 DsDdGYMV9xCaF77RsEAP3K6eK8TU0FCnDEgkP2tv1XxkITYBJc3eVAs4NDU1KYShzZhp0
 67Z98f7ufU1fMSk3BT7tDvQqYQ9YJWlWZhA=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743200834100002
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Purdue Compiler Construction Tool Set (PCCTS) source code was copied/
pasted into BaseTools/Source/C/VfrCompile/Pccts/.

The code contains tab characters instead of spaces.

PatchCheck.py gives an error on modifications to files that
contain tabs.

This change adds that directory to the pre-existing list of
directories in which tab checks are ignored in PatchCheck.py.

The goal of my upcoming change there is not to mix tabs and spaces
but to fix a bug while preserving its current formatting characters.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
---
 BaseTools/Scripts/PatchCheck.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/BaseTools/Scripts/PatchCheck.py b/BaseTools/Scripts/PatchCheck=
.py
index 475b3a8c27d9..a02fdb470ee2 100755
--- a/BaseTools/Scripts/PatchCheck.py
+++ b/BaseTools/Scripts/PatchCheck.py
@@ -384,7 +384,9 @@ class GitDiffCheck:
                     self.force_crlf =3D False
                     self.force_notabs =3D False
                 if os.path.basename(self.filename) =3D=3D 'GNUmakefile' or=
 \
-                   os.path.basename(self.filename) =3D=3D 'Makefile':
+                   os.path.basename(self.filename) =3D=3D 'Makefile' or \
+                   self.filename.startswith(
+                        'BaseTools/Source/C/VfrCompile/Pccts/'):
                     self.force_notabs =3D False
             elif len(line.rstrip()) !=3D 0:
                 self.format_error("didn't find diff command")
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96690): https://edk2.groups.io/g/devel/message/96690
Mute This Topic: https://groups.io/mt/95339695/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96691+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96691+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743203; cv=none;
	d=zohomail.com; s=zohoarc;
	b=ZRWgkh0eYdM07TZqx8UmXNzm2tBaVPAwIJs1uJCnuxzKHD4Z3Q6+qEHairds3iSAjRXMnOiPfqKna7Te342s1nF9Jheo99Q8FaBRIlmSz5VUan08kkkDUiOgClIrNI+iLyPsTcV4bhOQYcg+fg4LPIXUXn9hrCE7+87k6hje80A=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743203;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=nisjeGGV0hrlZiRT2FOH5wSOgSLZjAK6FtUC1Lgrjv8=;
	b=mYCgwfhOgLeH7DVDJgGUwp1OH4ZG8ErxIw885QCace9yMjlAlEDKVM+4d7+PV+Os3srIXXIdmdv280SUJSHlVlONPcAKWfDW5QId3PhmNB9IxWJVKWQUuFpJWgvEkWGoX/my3e2lGQOp1I2hZk22D8oxJst8qHlHFLjeHnaxXew=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96691+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743203150913.976121016218;
 Tue, 29 Nov 2022 09:33:23 -0800 (PST)
Return-Path: <bounce+27952+96691+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 4jTwYY1788612xcmhDDVA9i7;
 Tue, 29 Nov 2022 09:33:22 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.157022.1669743201565566816
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:21 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 670F320B83C2;
	Tue, 29 Nov 2022 09:33:20 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 670F320B83C2
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Bob Feng <bob.c.feng@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Yuwei Chen <yuwei.chen@intel.com>
Subject: [edk2-devel] [PATCH v2 03/12] BaseTools/VfrCompile: Fix potential
 buffer overwrites
Date: Tue, 29 Nov 2022 12:32:37 -0500
Message-Id: <20221129173246.2182-4-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: Ec1yxEGAA6IFW0uFjafpIFLMx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743202;
 bh=rXVPQSln5iW+TCbPfGCWCTNmqZ4aZ4r+MDLstSFaAZY=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=vpZQkvYVfeHLvJ3eElilV4y85gBT7WZImZ/MJDIKYNrwQ59iAt5b1XY/5BcTpZ8uhXs
 DASzc1YXGArOAPILt0bcdCmLiIzVG+XAM9GmX9sshPLf7JzgTScB5+02zcN0VrZqDtYnN
 GMC0+oWRafhFfpPZOTjSUn17+g3BnliFPAE=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743204862100001
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

While more portable methods exist to handle these cases, this change
does not attempt to do more than fix the immediate problem and
follow the conventions already established in this code.

`snprintf()` is introduced as the minimum improvement apart from
making the buffers larger.

Fixes the following CodeQL alerts:

1. Failure on line 2339 in
   BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c

   - Type: Potentially overrunning write
   - Severity: Critical
   - Problem: This 'call to sprintf' operation requires 17 bytes but
     the destination is only 16 bytes.

2. Failure on line 2341 in
   BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c

   - Type: Potentially overrunning write
   - Severity: Critical
   - Problem: This 'call to sprintf' operation requires 17 bytes but
     the destination is only 16 bytes.

3. Failure on line 1309 in
   BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c

   - Type: Potentially overrunning write
   - Severity: Critical
   - Problem: This 'call to sprintf' operation requires 25 bytes but
     the destination is only 20 bytes.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
---
 BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c  | 10 +++++-----
 BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c b/BaseTools/So=
urce/C/VfrCompile/Pccts/antlr/gen.c
index 8e41239f4751..33d9cac4c7de 100644
--- a/BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c
+++ b/BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c
@@ -2331,14 +2331,14 @@ TokNode *p;
 			set_nameErrSet =3D bufErrSet;								/* MR23 */
 		}
 		else {					/* wild card */
-			static char buf[sizeof("zzerr")+10];
-			static char bufErrSet[sizeof("zzerr")+10];
+			static char buf[sizeof("zzerr")+11];
+			static char bufErrSet[sizeof("zzerr")+11];
 			int n =3D DefErrSet( &b, 0, NULL );
 			int nErrSet =3D DefErrSetWithSuffix(0, &bErrSet, 1, NULL, "_set");
-			if ( GenCC ) sprintf(buf, "err%d", n);
-			else sprintf(buf, "zzerr%d", n);
+			if ( GenCC ) snprintf(buf, 11, "err%d", n);
+			else snprintf(buf, 11, "zzerr%d", n);
 			if ( GenCC ) sprintf(bufErrSet, "err%d", nErrSet);
-			else sprintf(bufErrSet, "zzerr%d", nErrSet);
+			else snprintf(bufErrSet, 11, "zzerr%d", nErrSet);
 			set_name =3D buf;
 			set_nameErrSet =3D bufErrSet;
 		}
diff --git a/BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c b/BaseTools/S=
ource/C/VfrCompile/Pccts/antlr/main.c
index 051ee4ec5d28..488b4b90461c 100644
--- a/BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c
+++ b/BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c
@@ -1295,7 +1295,7 @@ int token;
 #endif
 {
 	int     j;
-        static    char    imag_name[20];
+        static    char    imag_name[25];
=20
 	/* look in all lexclasses for the token */
 	if ( TokenString(token) !=3D NULL ) return TokenString(token);
@@ -1306,7 +1306,7 @@ int token;
 	}
=20
     if (1) {
-      sprintf(imag_name,"UnknownToken#%d",token);           /* MR13 */
+      snprintf(imag_name, 25, "UnknownToken#%d", token);    /* MR13 */
       return imag_name;                                     /* MR13 */
     }
=20
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96691): https://edk2.groups.io/g/devel/message/96691
Mute This Topic: https://groups.io/mt/95339696/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96692+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96692+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743206; cv=none;
	d=zohomail.com; s=zohoarc;
	b=PaWQydD27ORr661CEOH7ZvehHP3PsVLOvGXZM7fA+O4lr18evr2icoB+CtkEbiSkNeW1zoh93QY/byp8yTo1bNVUcvxkkcIPAYBnu7CB1IIi+UdWzs9CPzAx+wWVLlFcXoVBhUMUexuuYA5eqPs0Pb4ZexPV6bq/jmoM7kh8UOE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743206;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=vfOznkbvE9HgfAXTMlaf0Te0ImCyJ/Ic0X8kvbBlBjI=;
	b=HIBcXxy+3JgB9k+G8m2nz8FYQMVvm8V3eyS28jYO/EGaw5UsWNNnCtP7qurl2ZN5tWwXSrbShLWobBm4zLUMx4F9O+7nosfReh4NUslhXdSrtzOJljEKuf0XW63nVwWnmFVEbH9jRZFLsANTTmYsIEwBvZEqWDHtGJeU4nsDwWU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96692+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743205992964.5963833171778;
 Tue, 29 Nov 2022 09:33:25 -0800 (PST)
Return-Path: <bounce+27952+96692+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id eQWcYY1788612xY9KzJP4lpf;
 Tue, 29 Nov 2022 09:33:25 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.157023.1669743205240907436
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:25 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 165C020B83CB;
	Tue, 29 Nov 2022 09:33:23 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 165C020B83CB
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Guomin Jiang <guomin.jiang@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Xiaoyu Lu <xiaoyu1.lu@intel.com>
Subject: [edk2-devel] [PATCH v2 04/12] CryptoPkg: Fix conditionally
 uninitialized variable
Date: Tue, 29 Nov 2022 12:32:38 -0500
Message-Id: <20221129173246.2182-5-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: vDPXnNQYXoSdVibQCbY8j679x1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743205;
 bh=zyl5zRpEjEe8vAivHVDDPbJ/uuhF/w//3Jo2ueIdkcw=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=dDOgBGaK/fpkJEA9VcMA4qcPwQuexHsA8iDiwUA0cERdzPxdZ0dj6mYBka6yjjy1Olc
 r9mXO5m+koW4XRjAfBNcok1u6mH0Sud48qWACJNdEgp/Qyg00dIt+Jr7B2uvbQst5mVwR
 jumDAkKNQKsEdGI6qiWa6K9ZR1lwbmL3eyE=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743206872100005
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Checks the return value from `ASN1_get_object()` to verify values
set by the function are valid.

Note that the function returns literal `0x80`:
    `return (0x80);`

That is used to check the return value is as the case in other areas
of the code.

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 21 +++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr=
ary/BaseCryptLib/Pk/CryptX509.c
index 2333157e0d17..1182323b63ee 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -807,6 +807,7 @@ X509GetTBSCert (
   UINT32       Asn1Tag;
   UINT32       ObjClass;
   UINTN        Length;
+  UINTN        Inf;
=20
   //
   // Check input parameters.
@@ -836,9 +837,9 @@ X509GetTBSCert (
   //
   Temp   =3D Cert;
   Length =3D 0;
-  ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCla=
ss, (long)CertSize);
+  Inf    =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in=
t *)&ObjClass, (long)CertSize);
=20
-  if (Asn1Tag !=3D V_ASN1_SEQUENCE) {
+  if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) {
     return FALSE;
   }
=20
@@ -848,7 +849,7 @@ X509GetTBSCert (
   //
   // Verify the parsed TBSCertificate is one correct SEQUENCE data.
   //
-  if (Asn1Tag !=3D V_ASN1_SEQUENCE) {
+  if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) {
     return FALSE;
   }
=20
@@ -1888,18 +1889,20 @@ Asn1GetTag (
   IN     UINT32   Tag
   )
 {
-  UINT8  *PtrOld;
-  INT32  ObjTag;
-  INT32  ObjCls;
-  long   ObjLength;
+  UINT8   *PtrOld;
+  INT32   ObjTag;
+  INT32   ObjCls;
+  long    ObjLength;
+  UINT32  Inf;
=20
   //
   // Save Ptr position
   //
   PtrOld =3D *Ptr;
=20
-  ASN1_get_object ((CONST UINT8 **)Ptr, &ObjLength, &ObjTag, &ObjCls, (INT=
32)(End - (*Ptr)));
-  if ((ObjTag =3D=3D (INT32)(Tag & CRYPTO_ASN1_TAG_VALUE_MASK)) &&
+  Inf =3D ASN1_get_object ((CONST UINT8 **)Ptr, &ObjLength, &ObjTag, &ObjC=
ls, (INT32)(End - (*Ptr)));
+  if (((Inf & 0x80) =3D=3D 0x00) &&
+      (ObjTag =3D=3D (INT32)(Tag & CRYPTO_ASN1_TAG_VALUE_MASK)) &&
       (ObjCls =3D=3D (INT32)(Tag & CRYPTO_ASN1_TAG_CLASS_MASK)))
   {
     *Length =3D (UINTN)ObjLength;
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96692): https://edk2.groups.io/g/devel/message/96692
Mute This Topic: https://groups.io/mt/95339700/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96693+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96693+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743210; cv=none;
	d=zohomail.com; s=zohoarc;
	b=JSlrEA23wOi6vWasbvEbQyvTimD2/A6ZKcbupGf6nXyzUWxurDj5aVjY727MaQk93NU3hj1amtWGbnTbU1J8S4bRlh1dgVWChvCkIlWCVtzsZB4TJPHMYX+aIk4Y/8PjaxeMMPb+e1ZD3lmlhuQCJuahH/eibiZKw22vFqhsxpk=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743210;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=HZgGiM6rvB1ycgdQ/9qihc31jm7aJxDhcHgQkeNUGXU=;
	b=WaKnTd8sR9ZlwO+CO8Eiaqtj3kEteBkR0T33GDA2t0JLSqkgW6x/sHHrHiqypUX6XTCmyVjh1ltZoj4hgR0NByPgUTM9Dv1ee+SyG9YJK68fLRAbmXCJXhMwMIM4j2fp0YRRV+jA3IJQmnrk/E6wOTA46rq27GwqI1Y8KEebcJI=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96693+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743210311631.8673713247588;
 Tue, 29 Nov 2022 09:33:30 -0800 (PST)
Return-Path: <bounce+27952+96693+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id dfM6YY1788612xBwfty73YzL;
 Tue, 29 Nov 2022 09:33:29 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.156499.1669743209517016177
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:29 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id E26CE20B717A;
	Tue, 29 Nov 2022 09:33:27 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com E26CE20B717A
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Dandan Bi <dandan.bi@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Erich McMillan <emcmillan@microsoft.com>,
	Guomin Jiang <guomin.jiang@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Ray Ni <ray.ni@intel.com>,
	Zhichao Gao <zhichao.gao@intel.com>
Subject: [edk2-devel] [PATCH v2 05/12] MdeModulePkg: Fix conditionally
 uninitialized variables
Date: Tue, 29 Nov 2022 12:32:39 -0500
Message-Id: <20221129173246.2182-6-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: iuJRom5xFCs9gYGqti1IX6y7x1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743209;
 bh=zUv02pOOQCpvqAG/l/tZhvp5051/xgDF4QTLGsKkZUA=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=aED9D6kJi9v6UYt81tgUPJ7skljdqKfxj6WQGRw/QUiYGoUrJZi0Vy3YM8X7Ew4s9pO
 bRaProJXhOwNCyyfT4zq1NQBVBlqYDCzZt3EetK2XogAETHIiPDgJ7uWGW/7E9Z8GQJ8k
 dw7sd4bzLFHtoHOJgRORrwjEMC8HvAIQHL8=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743210949100001
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
 MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c                        |  5 +--
 MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c                           | 24 +++++++=
+------
 MdeModulePkg/Core/Dxe/Mem/Page.c                              | 17 +++++--=
---
 MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c | 25 +++++++=
++------
 MdeModulePkg/Library/FileExplorerLib/FileExplorer.c           |  5 ++-
 MdeModulePkg/Universal/BdsDxe/BdsEntry.c                      | 33 +++++++=
++++---------
 MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c      | 11 ++++---
 MdeModulePkg/Universal/HiiDatabaseDxe/Font.c                  | 14 ++++++-=
--
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c         |  2 +-
 9 files changed, 80 insertions(+), 56 deletions(-)

diff --git a/MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c b/MdeModulePkg/Bus/Pci/=
PciBusDxe/PciIo.c
index 843815d0cb18..14bed5472958 100644
--- a/MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c
+++ b/MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c
@@ -1407,6 +1407,7 @@ SupportPaletteSnoopAttributes (
   IN EFI_PCI_IO_PROTOCOL_ATTRIBUTE_OPERATION  Operation
   )
 {
+  EFI_STATUS     Status;
   PCI_IO_DEVICE  *Temp;
   UINT16         VGACommand;
=20
@@ -1444,13 +1445,13 @@ SupportPaletteSnoopAttributes (
   // Check if they are on the same bus
   //
   if (Temp->Parent =3D=3D PciIoDevice->Parent) {
-    PCI_READ_COMMAND_REGISTER (Temp, &VGACommand);
+    Status =3D PCI_READ_COMMAND_REGISTER (Temp, &VGACommand);
=20
     //
     // If they are on the same bus, either one can
     // be set to snoop, the other set to decode
     //
-    if ((VGACommand & EFI_PCI_COMMAND_VGA_PALETTE_SNOOP) !=3D 0) {
+    if (!EFI_ERROR (Status) && ((VGACommand & EFI_PCI_COMMAND_VGA_PALETTE_=
SNOOP) !=3D 0)) {
       //
       // VGA has set to snoop, so GFX can be only set to disable snoop
       //
diff --git a/MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c b/MdeModulePkg/Bus/Pci/Uhc=
iDxe/Uhci.c
index 48741085e507..496ffbd5c4cc 100644
--- a/MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c
+++ b/MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c
@@ -730,10 +730,12 @@ Uhci2ControlTransfer (
=20
   Uhc->PciIo->Flush (Uhc->PciIo);
=20
-  *TransferResult =3D QhResult.Result;
+  if (!EFI_ERROR (Status)) {
+    *TransferResult =3D QhResult.Result;
=20
-  if (DataLength !=3D NULL) {
-    *DataLength =3D QhResult.Complete;
+    if (DataLength !=3D NULL) {
+      *DataLength =3D QhResult.Complete;
+    }
   }
=20
   UhciDestoryTds (Uhc, TDs);
@@ -884,9 +886,11 @@ Uhci2BulkTransfer (
=20
   Uhc->PciIo->Flush (Uhc->PciIo);
=20
-  *TransferResult =3D QhResult.Result;
-  *DataToggle     =3D QhResult.NextToggle;
-  *DataLength     =3D QhResult.Complete;
+  if (!EFI_ERROR (Status)) {
+    *TransferResult =3D QhResult.Result;
+    *DataToggle     =3D QhResult.NextToggle;
+    *DataLength     =3D QhResult.Complete;
+  }
=20
   UhciDestoryTds (Uhc, TDs);
   Uhc->PciIo->Unmap (Uhc->PciIo, DataMap);
@@ -1210,9 +1214,11 @@ Uhci2SyncInterruptTransfer (
   UhciUnlinkTdFromQh (Uhc->SyncIntQh, TDs);
   Uhc->PciIo->Flush (Uhc->PciIo);
=20
-  *TransferResult =3D QhResult.Result;
-  *DataToggle     =3D QhResult.NextToggle;
-  *DataLength     =3D QhResult.Complete;
+  if (!EFI_ERROR (Status)) {
+    *TransferResult =3D QhResult.Result;
+    *DataToggle     =3D QhResult.NextToggle;
+    *DataLength     =3D QhResult.Complete;
+  }
=20
   UhciDestoryTds (Uhc, TDs);
   Uhc->PciIo->Unmap (Uhc->PciIo, DataMap);
diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P=
age.c
index 160289c1f9ec..2eb07b56b420 100644
--- a/MdeModulePkg/Core/Dxe/Mem/Page.c
+++ b/MdeModulePkg/Core/Dxe/Mem/Page.c
@@ -449,14 +449,15 @@ PromoteMemoryResource (
     //
     Promoted =3D PromoteGuardedFreePages (&StartAddress, &EndAddress);
     if (Promoted) {
-      CoreGetMemorySpaceDescriptor (StartAddress, &Descriptor);
-      CoreAddRange (
-        EfiConventionalMemory,
-        StartAddress,
-        EndAddress,
-        Descriptor.Capabilities & ~(EFI_MEMORY_PRESENT | EFI_MEMORY_INITIA=
LIZED |
-                                    EFI_MEMORY_TESTED | EFI_MEMORY_RUNTIME)
-        );
+      if (!EFI_ERROR (CoreGetMemorySpaceDescriptor (StartAddress, &Descrip=
tor))) {
+        CoreAddRange (
+          EfiConventionalMemory,
+          StartAddress,
+          EndAddress,
+          Descriptor.Capabilities & ~(EFI_MEMORY_PRESENT | EFI_MEMORY_INIT=
IALIZED |
+                                      EFI_MEMORY_TESTED | EFI_MEMORY_RUNTI=
ME)
+          );
+      }
     }
   }
=20
diff --git a/MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c =
b/MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c
index cdaa2db15365..e22aaf3039f1 100644
--- a/MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c
+++ b/MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c
@@ -909,23 +909,28 @@ BootFromFile (
   IN EFI_DEVICE_PATH_PROTOCOL  *FilePath
   )
 {
+  EFI_STATUS                    Status;
   EFI_BOOT_MANAGER_LOAD_OPTION  BootOption;
   CHAR16                        *FileName;
=20
+  Status   =3D EFI_NOT_STARTED;
   FileName =3D NULL;
=20
   FileName =3D ExtractFileNameFromDevicePath (FilePath);
   if (FileName !=3D NULL) {
-    EfiBootManagerInitializeLoadOption (
-      &BootOption,
-      0,
-      LoadOptionTypeBoot,
-      LOAD_OPTION_ACTIVE,
-      FileName,
-      FilePath,
-      NULL,
-      0
-      );
+    Status =3D EfiBootManagerInitializeLoadOption (
+               &BootOption,
+               0,
+               LoadOptionTypeBoot,
+               LOAD_OPTION_ACTIVE,
+               FileName,
+               FilePath,
+               NULL,
+               0
+               );
+  }
+
+  if (!EFI_ERROR (Status)) {
     //
     // Since current no boot from removable media directly is allowed */
     //
diff --git a/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c b/MdeModul=
ePkg/Library/FileExplorerLib/FileExplorer.c
index ef949267fcc2..804a03d868f2 100644
--- a/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c
+++ b/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c
@@ -1075,7 +1075,10 @@ LibCreateNewFile (
   NewHandle    =3D NULL;
   FullFileName =3D NULL;
=20
-  LibGetFileHandleFromDevicePath (gFileExplorerPrivate.RetDevicePath, &Fil=
eHandle, &ParentName, &DeviceHandle);
+  if (EFI_ERROR (LibGetFileHandleFromDevicePath (gFileExplorerPrivate.RetD=
evicePath, &FileHandle, &ParentName, &DeviceHandle))) {
+    return EFI_DEVICE_ERROR;
+  }
+
   FullFileName =3D LibAppendFileName (ParentName, FileName);
   if (FullFileName =3D=3D NULL) {
     return EFI_OUT_OF_RESOURCES;
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c b/MdeModulePkg/Univer=
sal/BdsDxe/BdsEntry.c
index 766dde3aaeeb..72de8d3211b7 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
+++ b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
@@ -691,6 +691,7 @@ BdsEntry (
   EFI_DEVICE_PATH_PROTOCOL        *FilePath;
   EFI_STATUS                      BootManagerMenuStatus;
   EFI_BOOT_MANAGER_LOAD_OPTION    PlatformDefaultBootOption;
+  BOOLEAN                         PlatformDefaultBootOptionValid;
=20
   HotkeyTriggered =3D NULL;
   Status          =3D EFI_SUCCESS;
@@ -809,24 +810,24 @@ BdsEntry (
     CpuDeadLoop ();
   }
=20
-  Status =3D EfiBootManagerInitializeLoadOption (
-             &PlatformDefaultBootOption,
-             LoadOptionNumberUnassigned,
-             LoadOptionTypePlatformRecovery,
-             LOAD_OPTION_ACTIVE,
-             L"Default PlatformRecovery",
-             FilePath,
-             NULL,
-             0
-             );
-  ASSERT_EFI_ERROR (Status);
+  PlatformDefaultBootOptionValid =3D EfiBootManagerInitializeLoadOption (
+                                     &PlatformDefaultBootOption,
+                                     LoadOptionNumberUnassigned,
+                                     LoadOptionTypePlatformRecovery,
+                                     LOAD_OPTION_ACTIVE,
+                                     L"Default PlatformRecovery",
+                                     FilePath,
+                                     NULL,
+                                     0
+                                     ) =3D=3D EFI_SUCCESS;
+  ASSERT (PlatformDefaultBootOptionValid =3D=3D TRUE);
=20
   //
   // System firmware must include a PlatformRecovery#### variable specifyi=
ng
   // a short-form File Path Media Device Path containing the platform defa=
ult
   // file path for removable media if the platform supports Platform Recov=
ery.
   //
-  if (PcdGetBool (PcdPlatformRecoverySupport)) {
+  if (PlatformDefaultBootOptionValid && PcdGetBool (PcdPlatformRecoverySup=
port)) {
     LoadOptions =3D EfiBootManagerGetLoadOptions (&LoadOptionCount, LoadOp=
tionTypePlatformRecovery);
     if (EfiBootManagerFindLoadOption (&PlatformDefaultBootOption, LoadOpti=
ons, LoadOptionCount) =3D=3D -1) {
       for (Index =3D 0; Index < LoadOptionCount; Index++) {
@@ -1104,15 +1105,17 @@ BdsEntry (
       LoadOptions =3D EfiBootManagerGetLoadOptions (&LoadOptionCount, Load=
OptionTypePlatformRecovery);
       ProcessLoadOptions (LoadOptions, LoadOptionCount);
       EfiBootManagerFreeLoadOptions (LoadOptions, LoadOptionCount);
-    } else {
+    } else if (PlatformDefaultBootOptionValid) {
       //
       // When platform recovery is not enabled, still boot to platform def=
ault file path.
       //
-      EfiBootManagerProcessLoadOption (&PlatformDefaultBootOption);
+      PlatformDefaultBootOptionValid =3D EfiBootManagerProcessLoadOption (=
&PlatformDefaultBootOption) =3D=3D EFI_SUCCESS;
     }
   }
=20
-  EfiBootManagerFreeLoadOption (&PlatformDefaultBootOption);
+  if (PlatformDefaultBootOptionValid) {
+    EfiBootManagerFreeLoadOption (&PlatformDefaultBootOption);
+  }
=20
   DEBUG ((DEBUG_ERROR, "[Bds] Unable to boot!\n"));
   PlatformBootManagerUnableToBoot ();
diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c b/Mde=
ModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c
index dca3c1df07ba..0d4cfa4cf06f 100644
--- a/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c
+++ b/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c
@@ -944,13 +944,14 @@ PrintMismatchMenuInfo (
   UINTN                          FormsetBufferSize;
=20
   Question =3D MenuOption->ThisTag;
-  HiiGetFormSetFromHiiHandle (gFormData->HiiHandle, &FormsetBuffer, &Forms=
etBufferSize);
=20
-  FormSetTitleStr =3D GetToken (FormsetBuffer->FormSetTitle, gFormData->Hi=
iHandle);
-  FormTitleStr    =3D GetToken (gFormData->FormTitle, gFormData->HiiHandle=
);
+  if (!EFI_ERROR (HiiGetFormSetFromHiiHandle (gFormData->HiiHandle, &Forms=
etBuffer, &FormsetBufferSize))) {
+    FormSetTitleStr =3D GetToken (FormsetBuffer->FormSetTitle, gFormData->=
HiiHandle);
+    FormTitleStr    =3D GetToken (gFormData->FormTitle, gFormData->HiiHand=
le);
=20
-  DEBUG ((DEBUG_ERROR, "\n[%a]: Mismatch Formset    : Formset Guid =3D %g,=
  FormSet title =3D %s\n", gEfiCallerBaseName, &gFormData->FormSetGuid, For=
mSetTitleStr));
-  DEBUG ((DEBUG_ERROR, "[%a]: Mismatch Form       : FormId =3D %d,  Form t=
itle =3D %s.\n", gEfiCallerBaseName, gFormData->FormId, FormTitleStr));
+    DEBUG ((DEBUG_ERROR, "\n[%a]: Mismatch Formset    : Formset Guid =3D %=
g,  FormSet title =3D %s\n", gEfiCallerBaseName, &gFormData->FormSetGuid, F=
ormSetTitleStr));
+    DEBUG ((DEBUG_ERROR, "[%a]: Mismatch Form       : FormId =3D %d,  Form=
 title =3D %s.\n", gEfiCallerBaseName, gFormData->FormId, FormTitleStr));
+  }
=20
   if (Question->OpCode->OpCode =3D=3D EFI_IFR_ORDERED_LIST_OP) {
     QuestionName =3D GetToken (((EFI_IFR_ORDERED_LIST *)MenuOption->ThisTa=
g->OpCode)->Question.Header.Prompt, gFormData->HiiHandle);
diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c b/MdeModulePkg/Un=
iversal/HiiDatabaseDxe/Font.c
index 399f90feb783..8a0b12f72fbe 100644
--- a/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c
+++ b/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c
@@ -1745,6 +1745,7 @@ HiiStringToImage (
   Attributes =3D (UINT8 *)AllocateZeroPool (StrLength * sizeof (UINT8));
   ASSERT (Attributes !=3D NULL);
=20
+  FontInfo      =3D NULL;
   RowInfo       =3D NULL;
   Status        =3D EFI_SUCCESS;
   StringIn2     =3D NULL;
@@ -1787,11 +1788,14 @@ HiiStringToImage (
       Background  =3D ((EFI_FONT_DISPLAY_INFO *)StringInfo)->BackgroundCol=
or;
     } else if (Status =3D=3D EFI_SUCCESS) {
       FontInfo =3D &StringInfoOut->FontInfo;
-      IsFontInfoExisted (Private, FontInfo, NULL, NULL, &GlobalFont);
-      Height     =3D GlobalFont->FontPackage->Height;
-      BaseLine   =3D GlobalFont->FontPackage->BaseLine;
-      Foreground =3D StringInfoOut->ForegroundColor;
-      Background =3D StringInfoOut->BackgroundColor;
+      if (IsFontInfoExisted (Private, FontInfo, NULL, NULL, &GlobalFont)) {
+        Height     =3D GlobalFont->FontPackage->Height;
+        BaseLine   =3D GlobalFont->FontPackage->BaseLine;
+        Foreground =3D StringInfoOut->ForegroundColor;
+        Background =3D StringInfoOut->BackgroundColor;
+      } else {
+        goto Exit;
+      }
     } else {
       goto Exit;
     }
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeMod=
ulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 6c1a3440ac8c..b64fcbdc7281 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -2453,7 +2453,7 @@ VariableServiceGetVariable (
   AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.Variab=
leServicesLock);
=20
   Status =3D FindVariable (VariableName, VendorGuid, &Variable, &mVariable=
ModuleGlobal->VariableGlobal, FALSE);
-  if ((Variable.CurrPtr =3D=3D NULL) || EFI_ERROR (Status)) {
+  if (EFI_ERROR (Status) || (Variable.CurrPtr =3D=3D NULL)) {
     goto Done;
   }
=20
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96693): https://edk2.groups.io/g/devel/message/96693
Mute This Topic: https://groups.io/mt/95339703/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96694+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96694+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743213; cv=none;
	d=zohomail.com; s=zohoarc;
	b=GkjC89z/fPWhaeZ9D+EpcuRkb7byd0KWHr4ckmJAqzflVXaJQe6aPPvlQrK9OR/C8IBRv30e88IKepp+5VZC9Ds55eyYZ0lEud97ApyHQYorA+xF6upomGmNQB5ANQQpDwuAQDY4HUY//no78Au6VlbO0OGSbce5fqfxCOfRyi4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743213;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=t3rqwlESNsj/W3yMb8badHtWKWGBkQYVEky5T3YPcfc=;
	b=Lsf6sN41Wevon8hvOujJkQxEy8fUxYWmuq/KypEfo5p7sropSKZXUkHZq3P4bPJrGDUyWjhYR2uewuz7Vp8c2LpfXtCsj8MMJ+IvEeb6ORL61I1sX2Wrv9slCgwd+MLTJ6rrwI8QVNCdlcWcF2/dhZ0HUcFDJeYkiZVFiN05UjQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96694+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743213365659.636346238208;
 Tue, 29 Nov 2022 09:33:33 -0800 (PST)
Return-Path: <bounce+27952+96694+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id cWUrYY1788612x52OrZQaQAl;
 Tue, 29 Nov 2022 09:33:33 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.156501.1669743212569131016
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:32 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 741E920B83C2;
	Tue, 29 Nov 2022 09:33:31 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 741E920B83C2
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Zhiguang Liu <zhiguang.liu@intel.com>
Subject: [edk2-devel] [PATCH v2 06/12] MdePkg: Fix conditionally uninitialized
 variables
Date: Tue, 29 Nov 2022 12:32:40 -0500
Message-Id: <20221129173246.2182-7-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: WY9a9Ykdbns5WQzyvliZBxafx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743213;
 bh=HxzN6Pu1BWTRb4NUgDQhKmgFWg7gAdM3UER8eAILw7M=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=EzaIAUHXSQkHG4Zd0HIAx+y6fBxWMyTsx6EJme27yGhiVy16yW9uQXdEDB2aBB8GcvM
 5WOCz2FtDQEYsGIP23jSDwb97XsKZKTzv8vEWVn65wjjFT+15fB/p1f+djNqnHc9md+Xe
 2e23kJCbp4YbTctGhvQ/SVEGGyK6Wy/iJjk=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743214893100006
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Note that this change affects the actual return value from the
following functions. The functions documented that if an integer
overflow occurred, MAX_UINTN would be returned. They were
implemented to actually return an undefined value from the stack.

This change makes the function follow its description. However, this
is technically different than what callers may have previously
expected.

MdePkg/Library/BaseLib/String.c:
  - StrDecimalToUintn()
  - StrDecimalToUint64()
  - StrHexToUintn()
  - StrHexToUint64()
  - AsciiStrDecimalToUintn()
  - AsciiStrDecimalToUint64()
  - AsciiStrHexToUintn()
  - AsciiStrHexToUint64()

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
 MdePkg/Library/BaseLib/String.c | 40 ++++++++++++++++----
 1 file changed, 32 insertions(+), 8 deletions(-)

diff --git a/MdePkg/Library/BaseLib/String.c b/MdePkg/Library/BaseLib/Strin=
g.c
index 98e6d31463e0..637c96e7b31b 100644
--- a/MdePkg/Library/BaseLib/String.c
+++ b/MdePkg/Library/BaseLib/String.c
@@ -408,7 +408,10 @@ StrDecimalToUintn (
 {
   UINTN  Result;
=20
-  StrDecimalToUintnS (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrDecimalToUintnS (String, (CHAR16 **)NULL, &Result))=
) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -454,7 +457,10 @@ StrDecimalToUint64 (
 {
   UINT64  Result;
=20
-  StrDecimalToUint64S (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrDecimalToUint64S (String, (CHAR16 **)NULL, &Result)=
)) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -501,7 +507,10 @@ StrHexToUintn (
 {
   UINTN  Result;
=20
-  StrHexToUintnS (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrHexToUintnS (String, (CHAR16 **)NULL, &Result))) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -548,7 +557,10 @@ StrHexToUint64 (
 {
   UINT64  Result;
=20
-  StrHexToUint64S (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrHexToUint64S (String, (CHAR16 **)NULL, &Result))) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -989,7 +1001,10 @@ AsciiStrDecimalToUintn (
 {
   UINTN  Result;
=20
-  AsciiStrDecimalToUintnS (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrDecimalToUintnS (String, (CHAR8 **)NULL, &Resu=
lt))) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -1031,7 +1046,10 @@ AsciiStrDecimalToUint64 (
 {
   UINT64  Result;
=20
-  AsciiStrDecimalToUint64S (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrDecimalToUint64S (String, (CHAR8 **)NULL, &Res=
ult))) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -1077,7 +1095,10 @@ AsciiStrHexToUintn (
 {
   UINTN  Result;
=20
-  AsciiStrHexToUintnS (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrHexToUintnS (String, (CHAR8 **)NULL, &Result))=
) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -1123,7 +1144,10 @@ AsciiStrHexToUint64 (
 {
   UINT64  Result;
=20
-  AsciiStrHexToUint64S (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrHexToUint64S (String, (CHAR8 **)NULL, &Result)=
)) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96694): https://edk2.groups.io/g/devel/message/96694
Mute This Topic: https://groups.io/mt/95339706/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96695+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96695+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743217; cv=none;
	d=zohomail.com; s=zohoarc;
	b=G6Pn9c6rFnAiIzDBj89NTp19BDf/2Ux5aRw9AoFfa1TStkl5uyRxe53uE4VW8whLZCMCDdELT9gIyQH8/z8vIUDsBiZFbeCAO9zeOuxpVCr5U4/GA0YQHER2JPv7LUKAadq9AP0oOpId5YFgqyNv2tzY3eeIgP0a+dZ0rOlrqLM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743217;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=efaA8hfsz3omt2vq52V7EpsM9lfw7hc4kULi3SkvA8A=;
	b=FR/HEnxNsphkDJmCcG1idHfqBELe0Eoj/mLqDWizL4c5HevZd0g7TS+3eDWhr2RC2sbUSl/55rehpcz6iwcMBfTyhrJYCTiCq95V0yT8MbK+BRzO08SGZYog98TjDFD8h7YtSHPAKpWshkOLJFFx5P6UhLxO1b3cDtB8luKKou8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96695+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 166974321741246.45076938133957;
 Tue, 29 Nov 2022 09:33:37 -0800 (PST)
Return-Path: <bounce+27952+96695+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id QFrsYY1788612xOrN66Li7il;
 Tue, 29 Nov 2022 09:33:37 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.156504.1669743216473458054
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:36 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 5D8A320B717A;
	Tue, 29 Nov 2022 09:33:35 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 5D8A320B717A
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Jiaxin Wu <jiaxin.wu@intel.com>,
	Maciej Rabeda <maciej.rabeda@linux.intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Siyuan Fu <siyuan.fu@intel.com>
Subject: [edk2-devel] [PATCH v2 07/12] NetworkPkg: Fix conditionally
 uninitialized variables
Date: Tue, 29 Nov 2022 12:32:41 -0500
Message-Id: <20221129173246.2182-8-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: OjfE5WNPUldwx7jbszZISIHMx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743217;
 bh=TWv00lRgXwWE5XdepzB3V3xzHkuB1G6HbCBQQSSmoXA=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=h0mE6Jd7JddkT92J+w7pJKxyjEiHVDukZyziAx+lRw5l8PqiMyVL1+n9dVuRr423iDk
 Cq/E2Iev+vg5sBf3uYBxrnmcokmDeHMWFGNCqU8LM9IF1Qc33+jxvMUwpfxtmhB3n4hr3
 j3B8GKUoeiysRhJkc03QzGNOFMMGUpp/FwU=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743218947100002
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
 NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c | 2 +-
 NetworkPkg/TcpDxe/TcpInput.c               | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c b/NetworkPkg/Librar=
y/DxeHttpLib/DxeHttpLib.c
index 6a5d78629bb3..21813463aa4f 100644
--- a/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c
+++ b/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c
@@ -753,7 +753,7 @@ HttpUrlGetPort (
=20
   Status =3D  AsciiStrDecimalToUintnS (Url + Parser->FieldData[HTTP_URI_FI=
ELD_PORT].Offset, (CHAR8 **)NULL, &Data);
=20
-  if (Data > HTTP_URI_PORT_MAX_NUM) {
+  if (EFI_ERROR (Status) || (Data > HTTP_URI_PORT_MAX_NUM)) {
     Status =3D EFI_INVALID_PARAMETER;
     goto ON_EXIT;
   }
diff --git a/NetworkPkg/TcpDxe/TcpInput.c b/NetworkPkg/TcpDxe/TcpInput.c
index fb1aa827f8ba..7b329be64dfe 100644
--- a/NetworkPkg/TcpDxe/TcpInput.c
+++ b/NetworkPkg/TcpDxe/TcpInput.c
@@ -1570,6 +1570,9 @@ TcpIcmpInput (
   BOOLEAN     IcmpErrIsHard;
   BOOLEAN     IcmpErrNotify;
=20
+  IcmpErrIsHard =3D FALSE;
+  IcmpErrNotify =3D FALSE;
+
   if (Nbuf->TotalSize < sizeof (TCP_HEAD)) {
     goto CLEAN_EXIT;
   }
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96695): https://edk2.groups.io/g/devel/message/96695
Mute This Topic: https://groups.io/mt/95339711/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96696+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96696+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743220; cv=none;
	d=zohomail.com; s=zohoarc;
	b=WFYYtVYeKfMERJQVMzdEgro0ffLBLXvnTcHNn60YrX6Ew+/V4yFF6CQ5K75JFewa+Z+NntGzJOQ6q3fjoUJg+P8Yato39nDczR+VXs+63mJxeFGMO0/0o8eTbEoD62E5FNwMZ+za/8eR8Ayk0qFZbcU7X9eIp6XeePKhHsIq1aY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743220;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=jGfSrzjGl3tsNSNhw9gjeHzbJrkCerZoUpJD22htOTI=;
	b=js35OAJEERhJcv9RkycOFhVtttJyag/F+xEHgHfA4dmPlZTaTlVCUohhBzH71QWqt2XnTQK75WO+UbUerGMFTWFKBh8PkvgEjpAOh3xwJxiDwDL0B35BCnq6tJcR/iPK9pgzTYVa39lAcfiFhEg5xIQ53CQ2FOrf8cZObfZuErE=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96696+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743220393294.61186811980417;
 Tue, 29 Nov 2022 09:33:40 -0800 (PST)
Return-Path: <bounce+27952+96696+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 0zZxYY1788612xMYm1tLQhyZ;
 Tue, 29 Nov 2022 09:33:40 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.156507.1669743219649824333
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:39 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id AB6F320B83C2;
	Tue, 29 Nov 2022 09:33:38 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com AB6F320B83C2
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Ray Ni <ray.ni@intel.com>
Subject: [edk2-devel] [PATCH v2 08/12] PcAtChipsetPkg: Fix conditionally
 uninitialized variables
Date: Tue, 29 Nov 2022 12:32:42 -0500
Message-Id: <20221129173246.2182-9-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: pmMoBNQ8m5hBZlYAVGuGkKhix1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743220;
 bh=UQ4Eu/Qu0oNgrzoe1kakBOl9tg+E8GH7vgAf7n7DjKI=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=ot3/69TqiuvYjMvfb8Mus0T/U8HuSoeEMIs7NrwXfUmmMiLIEkB8QQsHTdCnFQ0dhOg
 UIk8+AlbEsAEyoYauy3+5+1FwounGqAOcYbWpym/TyHPt2rBAHo6a3dPWzzFmHcC/Q3tu
 lZovg/tk49i/h2aSpCiI/zMmmaKdRgz7XvI=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743220948100006
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Ray Ni <ray.ni@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
---
 PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c b/PcAtChips=
etPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
index 9242a2e82600..57ea3153aa6b 100644
--- a/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
+++ b/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
@@ -344,7 +344,7 @@ PcRtcInit (
   // so we can use them to get and set wakeup time.
   //
   Status =3D PcRtcGetWakeupTime (&Enabled, &Pending, &Time, Global);
-  if ((Enabled) || (!EFI_ERROR (Status))) {
+  if ((!EFI_ERROR (Status)) || (Enabled)) {
     return EFI_SUCCESS;
   }
=20
@@ -836,8 +836,11 @@ PcRtcSetWakeupTime (
     //
     // Just support set alarm time within 24 hours
     //
-    PcRtcGetTime (&RtcTime, &Capabilities, Global);
-    Status =3D RtcTimeFieldsValid (&RtcTime);
+    Status =3D PcRtcGetTime (&RtcTime, &Capabilities, Global);
+    if (!EFI_ERROR (Status)) {
+      Status =3D RtcTimeFieldsValid (&RtcTime);
+    }
+
     if (EFI_ERROR (Status)) {
       return EFI_DEVICE_ERROR;
     }
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96696): https://edk2.groups.io/g/devel/message/96696
Mute This Topic: https://groups.io/mt/95339713/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96697+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96697+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743224; cv=none;
	d=zohomail.com; s=zohoarc;
	b=OBjPDpuTOcMdLNJSOeAgh53/dsD5v/69u8DZDOsoKMov0Noyxk/YqaJlGzeBuxgnPZzP8k/ce96q2XWwF9Cm5PYgZKmxOZdySTfyQXzvlL5zuWoDk3wSeRGYanJsWU1+Y2MEzy8rktOk/yONzk3Ve9VrkI17zRm3yY8/vJ8sh5M=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743224;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=X/6yU0JiRz/zRqr9wiKruRaMEnnOkAP7JajFcZc2/N8=;
	b=ljToFbThLfRFQAWqMcAmYs43RZA1MKudgt+ettrvRjVRfZzokXBKOzPwyUv/pbR4Qx1JpnCtr2GYl5p2RZviVTJnTsugkhbpRLTwEwaljAEaL3PrTNJYBX8D/Bv5SvKc6Edj0yETB2GeODhFQRqxTIvPtxmR/KgMLI6HiPvpoeU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96697+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 166974322490786.02159963394217;
 Tue, 29 Nov 2022 09:33:44 -0800 (PST)
Return-Path: <bounce+27952+96697+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id McTSYY1788612xtba5qKs2P9;
 Tue, 29 Nov 2022 09:33:43 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.156509.1669743223309693448
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:43 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 4EBBA20B717A;
	Tue, 29 Nov 2022 09:33:42 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 4EBBA20B717A
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Ray Ni <ray.ni@intel.com>,
	Zhichao Gao <zhichao.gao@intel.com>
Subject: [edk2-devel] [PATCH v2 09/12] ShellPkg: Fix conditionally
 uninitialized variables
Date: Tue, 29 Nov 2022 12:32:43 -0500
Message-Id: <20221129173246.2182-10-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: PoV66M3Rs9cwfwQAm2lRBLBAx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743223;
 bh=rfqNI5g5ZIKBbWll3VEiwwTVHuIsE2M99J+iYk7UgUQ=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=wtNBo0wMpV5HudqHZFyURUtzY6LCcwBLykdgAgTE0eHQ0gVCWnmXaUv2JVRmrjy9ee/
 Yu7flZ1+get/gcZFJ7nAM3ho2xm/eF9ETSymhFCg+mkbzh22SZSk2U88W77WT19jWYoa8
 FMb6kcdVisKmkIdn6OtxewCOBeOL3hDfXoU=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743227204100001
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
---
 ShellPkg/Application/Shell/Shell.c                          |  1 +
 ShellPkg/Application/Shell/ShellProtocol.c                  | 60 +++++++++=
+----------
 ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c  | 56 +++++++++=
---------
 ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c          | 18 +++---
 ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c |  9 ++-
 ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c      | 14 +++--
 ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c   | 17 ++++--
 ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c      | 21 +++----
 8 files changed, 107 insertions(+), 89 deletions(-)

diff --git a/ShellPkg/Application/Shell/Shell.c b/ShellPkg/Application/Shel=
l/Shell.c
index df00adfdfa5b..89a677a32978 100644
--- a/ShellPkg/Application/Shell/Shell.c
+++ b/ShellPkg/Application/Shell/Shell.c
@@ -1300,6 +1300,7 @@ DoStartupScript (
   CHAR16         *FullFileStringPath;
   UINTN          NewSize;
=20
+  CalleeStatus    =3D EFI_SUCCESS;
   Key.UnicodeChar =3D CHAR_NULL;
   Key.ScanCode    =3D 0;
=20
diff --git a/ShellPkg/Application/Shell/ShellProtocol.c b/ShellPkg/Applicat=
ion/Shell/ShellProtocol.c
index 509eb60e40f4..d04b47538b96 100644
--- a/ShellPkg/Application/Shell/ShellProtocol.c
+++ b/ShellPkg/Application/Shell/ShellProtocol.c
@@ -729,50 +729,52 @@ EfiShellGetDeviceName (
     //
     // Now check the parent controller using this as the child.
     //
-    if (DeviceNameToReturn =3D=3D NULL) {
-      PARSE_HANDLE_DATABASE_PARENTS (DeviceHandle, &ParentControllerCount,=
 &ParentControllerBuffer);
+    Status =3D PARSE_HANDLE_DATABASE_PARENTS (DeviceHandle, &ParentControl=
lerCount, &ParentControllerBuffer);
+    if ((DeviceNameToReturn =3D=3D NULL) && !EFI_ERROR (Status)) {
       for (LoopVar =3D 0; LoopVar < ParentControllerCount; LoopVar++) {
-        PARSE_HANDLE_DATABASE_UEFI_DRIVERS (ParentControllerBuffer[LoopVar=
], &ParentDriverCount, &ParentDriverBuffer);
-        for (HandleCount =3D 0; HandleCount < ParentDriverCount; HandleCou=
nt++) {
-          //
-          // try using that driver's component name with controller and ou=
r driver as the child.
-          //
-          Status =3D gBS->OpenProtocol (
-                          ParentDriverBuffer[HandleCount],
-                          &gEfiComponentName2ProtocolGuid,
-                          (VOID **)&CompName2,
-                          gImageHandle,
-                          NULL,
-                          EFI_OPEN_PROTOCOL_GET_PROTOCOL
-                          );
-          if (EFI_ERROR (Status)) {
+        Status =3D PARSE_HANDLE_DATABASE_UEFI_DRIVERS (ParentControllerBuf=
fer[LoopVar], &ParentDriverCount, &ParentDriverBuffer);
+        if (!EFI_ERROR (Status)) {
+          for (HandleCount =3D 0; HandleCount < ParentDriverCount; HandleC=
ount++) {
+            //
+            // try using that driver's component name with controller and =
our driver as the child.
+            //
             Status =3D gBS->OpenProtocol (
                             ParentDriverBuffer[HandleCount],
-                            &gEfiComponentNameProtocolGuid,
+                            &gEfiComponentName2ProtocolGuid,
                             (VOID **)&CompName2,
                             gImageHandle,
                             NULL,
                             EFI_OPEN_PROTOCOL_GET_PROTOCOL
                             );
-          }
+            if (EFI_ERROR (Status)) {
+              Status =3D gBS->OpenProtocol (
+                              ParentDriverBuffer[HandleCount],
+                              &gEfiComponentNameProtocolGuid,
+                              (VOID **)&CompName2,
+                              gImageHandle,
+                              NULL,
+                              EFI_OPEN_PROTOCOL_GET_PROTOCOL
+                              );
+            }
+
+            if (EFI_ERROR (Status)) {
+              continue;
+            }
=20
-          if (EFI_ERROR (Status)) {
-            continue;
+            Lang   =3D GetBestLanguageForDriver (CompName2->SupportedLangu=
ages, Language, FALSE);
+            Status =3D CompName2->GetControllerName (CompName2, ParentCont=
rollerBuffer[LoopVar], DeviceHandle, Lang, &DeviceNameToReturn);
+            FreePool (Lang);
+            Lang =3D NULL;
+            if (!EFI_ERROR (Status) && (DeviceNameToReturn !=3D NULL)) {
+              break;
+            }
           }
=20
-          Lang   =3D GetBestLanguageForDriver (CompName2->SupportedLanguag=
es, Language, FALSE);
-          Status =3D CompName2->GetControllerName (CompName2, ParentContro=
llerBuffer[LoopVar], DeviceHandle, Lang, &DeviceNameToReturn);
-          FreePool (Lang);
-          Lang =3D NULL;
+          SHELL_FREE_NON_NULL (ParentDriverBuffer);
           if (!EFI_ERROR (Status) && (DeviceNameToReturn !=3D NULL)) {
             break;
           }
         }
-
-        SHELL_FREE_NON_NULL (ParentDriverBuffer);
-        if (!EFI_ERROR (Status) && (DeviceNameToReturn !=3D NULL)) {
-          break;
-        }
       }
=20
       SHELL_FREE_NON_NULL (ParentControllerBuffer);
diff --git a/ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c b/S=
hellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c
index 36cf46fb2c38..4549cbde9b9a 100644
--- a/ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c
+++ b/ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c
@@ -1399,10 +1399,11 @@ ShellCommandCreateInitialMappingsAndPaths (
   CHAR16                    *MapName;
   SHELL_MAP_LIST            *MapListItem;
=20
-  SplitCurDir =3D NULL;
-  MapName     =3D NULL;
-  MapListItem =3D NULL;
-  HandleList  =3D NULL;
+  ConsistMappingTable =3D NULL;
+  SplitCurDir         =3D NULL;
+  MapName             =3D NULL;
+  MapListItem         =3D NULL;
+  HandleList          =3D NULL;
=20
   //
   // Reset the static members back to zero
@@ -1458,32 +1459,35 @@ ShellCommandCreateInitialMappingsAndPaths (
     //
     PerformQuickSort (DevicePathList, Count, sizeof (EFI_DEVICE_PATH_PROTO=
COL *), DevicePathCompare);
=20
-    ShellCommandConsistMappingInitialize (&ConsistMappingTable);
-    //
-    // Assign new Mappings to all...
-    //
-    for (Count =3D 0; HandleList[Count] !=3D NULL; Count++) {
+    if (!EFI_ERROR (ShellCommandConsistMappingInitialize (&ConsistMappingT=
able))) {
       //
-      // Get default name first
+      // Assign new Mappings to all...
       //
-      NewDefaultName =3D ShellCommandCreateNewMappingName (MappingTypeFile=
System);
-      ASSERT (NewDefaultName !=3D NULL);
-      Status =3D ShellCommandAddMapItemAndUpdatePath (NewDefaultName, Devi=
cePathList[Count], 0, TRUE);
-      ASSERT_EFI_ERROR (Status);
-      FreePool (NewDefaultName);
-
-      //
-      // Now do consistent name
-      //
-      NewConsistName =3D ShellCommandConsistMappingGenMappingName (DeviceP=
athList[Count], ConsistMappingTable);
-      if (NewConsistName !=3D NULL) {
-        Status =3D ShellCommandAddMapItemAndUpdatePath (NewConsistName, De=
vicePathList[Count], 0, FALSE);
+      for (Count =3D 0; HandleList[Count] !=3D NULL; Count++) {
+        //
+        // Get default name first
+        //
+        NewDefaultName =3D ShellCommandCreateNewMappingName (MappingTypeFi=
leSystem);
+        ASSERT (NewDefaultName !=3D NULL);
+        Status =3D ShellCommandAddMapItemAndUpdatePath (NewDefaultName, De=
vicePathList[Count], 0, TRUE);
         ASSERT_EFI_ERROR (Status);
-        FreePool (NewConsistName);
+        FreePool (NewDefaultName);
+
+        //
+        // Now do consistent name
+        //
+        NewConsistName =3D ShellCommandConsistMappingGenMappingName (Devic=
ePathList[Count], ConsistMappingTable);
+        if (NewConsistName !=3D NULL) {
+          Status =3D ShellCommandAddMapItemAndUpdatePath (NewConsistName, =
DevicePathList[Count], 0, FALSE);
+          ASSERT_EFI_ERROR (Status);
+          FreePool (NewConsistName);
+        }
       }
     }
=20
-    ShellCommandConsistMappingUnInitialize (ConsistMappingTable);
+    if (ConsistMappingTable !=3D NULL) {
+      ShellCommandConsistMappingUnInitialize (ConsistMappingTable);
+    }
=20
     SHELL_FREE_NON_NULL (HandleList);
     SHELL_FREE_NON_NULL (DevicePathList);
@@ -1626,12 +1630,12 @@ ShellCommandUpdateMapping (
     //
     PerformQuickSort (DevicePathList, Count, sizeof (EFI_DEVICE_PATH_PROTO=
COL *), DevicePathCompare);
=20
-    ShellCommandConsistMappingInitialize (&ConsistMappingTable);
+    Status =3D ShellCommandConsistMappingInitialize (&ConsistMappingTable);
=20
     //
     // Assign new Mappings to remainders
     //
-    for (Count =3D 0; !EFI_ERROR (Status) && HandleList[Count] !=3D NULL &=
& !EFI_ERROR (Status); Count++) {
+    for (Count =3D 0; !EFI_ERROR (Status) && HandleList[Count] !=3D NULL; =
Count++) {
       //
       // Skip ones that already have
       //
diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c b/ShellPkg/=
Library/UefiShellDebug1CommandsLib/Dblk.c
index 97a4b57a932f..5329b559ba46 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c
@@ -158,7 +158,10 @@ ShellCommandRunDblk (
           ShellStatus =3D SHELL_INVALID_PARAMETER;
         }
=20
-        ShellConvertStringToUint64 (LbaString, &Lba, TRUE, FALSE);
+        if (EFI_ERROR (ShellConvertStringToUint64 (LbaString, &Lba, TRUE, =
FALSE))) {
+          ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV),=
 gShellDebug1HiiHandle, L"dblk", LbaString);
+          ShellStatus =3D SHELL_INVALID_PARAMETER;
+        }
       }
=20
       if (BlockCountString =3D=3D NULL) {
@@ -169,12 +172,13 @@ ShellCommandRunDblk (
           ShellStatus =3D SHELL_INVALID_PARAMETER;
         }
=20
-        ShellConvertStringToUint64 (BlockCountString, &BlockCount, TRUE, F=
ALSE);
-        if (BlockCount > 0x10) {
-          BlockCount =3D 0x10;
-        } else if (BlockCount =3D=3D 0) {
-          ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV),=
 gShellDebug1HiiHandle, L"dblk", BlockCountString);
-          ShellStatus =3D SHELL_INVALID_PARAMETER;
+        if (!EFI_ERROR (ShellConvertStringToUint64 (BlockCountString, &Blo=
ckCount, TRUE, FALSE))) {
+          if (BlockCount > 0x10) {
+            BlockCount =3D 0x10;
+          } else if (BlockCount =3D=3D 0) {
+            ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV=
), gShellDebug1HiiHandle, L"dblk", BlockCountString);
+            ShellStatus =3D SHELL_INVALID_PARAMETER;
+          }
         }
       }
=20
diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c b/=
ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c
index 8bf23a2076a1..72f8c087cb69 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c
@@ -112,10 +112,13 @@ ShellCommandRunEfiDecompress (
=20
         if (ShellStatus =3D=3D SHELL_SUCCESS) {
           Status =3D FileHandleGetSize (InFileHandle, &Temp64Bit);
-          ASSERT (Temp64Bit <=3D (UINT32)(-1));
-          InSize =3D (UINTN)Temp64Bit;
           ASSERT_EFI_ERROR (Status);
-          InBuffer =3D AllocateZeroPool (InSize);
+          if (!EFI_ERROR (Status)) {
+            ASSERT (Temp64Bit <=3D (UINT32)(-1));
+            InSize   =3D (UINTN)Temp64Bit;
+            InBuffer =3D AllocateZeroPool (InSize);
+          }
+
           if (InBuffer =3D=3D NULL) {
             Status =3D EFI_OUT_OF_RESOURCES;
           } else {
diff --git a/ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c b/Shell=
Pkg/Library/UefiShellDriver1CommandsLib/Connect.c
index d7a133c0c5b4..870c5b0d1da7 100644
--- a/ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c
+++ b/ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c
@@ -508,9 +508,10 @@ ShellCommandRunConnect (
       Count  =3D ShellCommandLineGetCount (Package);
=20
       if (Param1 !=3D NULL) {
-        Status  =3D ShellConvertStringToUint64 (Param1, &Intermediate, TRU=
E, FALSE);
-        Handle1 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
-        if (EFI_ERROR (Status)) {
+        Status =3D ShellConvertStringToUint64 (Param1, &Intermediate, TRUE=
, FALSE);
+        if (!EFI_ERROR (Status)) {
+          Handle1 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+        } else {
           ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_INV_HANDLE)=
, gShellDriver1HiiHandle, L"connect", Param1);
           ShellStatus =3D SHELL_INVALID_PARAMETER;
         }
@@ -519,9 +520,10 @@ ShellCommandRunConnect (
       }
=20
       if (Param2 !=3D NULL) {
-        Status  =3D ShellConvertStringToUint64 (Param2, &Intermediate, TRU=
E, FALSE);
-        Handle2 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
-        if (EFI_ERROR (Status)) {
+        Status =3D ShellConvertStringToUint64 (Param2, &Intermediate, TRUE=
, FALSE);
+        if (!EFI_ERROR (Status)) {
+          Handle2 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+        } else {
           ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_INV_HANDLE)=
, gShellDriver1HiiHandle, L"connect", Param2);
           ShellStatus =3D SHELL_INVALID_PARAMETER;
         }
diff --git a/ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c b/Sh=
ellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c
index 009ae5282b27..fd49d1f7ceb4 100644
--- a/ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c
+++ b/ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c
@@ -160,12 +160,17 @@ ShellCommandRunDisconnect (
         Param1 =3D ShellCommandLineGetRawValue (Package, 1);
         Param2 =3D ShellCommandLineGetRawValue (Package, 2);
         Param3 =3D ShellCommandLineGetRawValue (Package, 3);
-        ShellConvertStringToUint64 (Param1, &Intermediate1, TRUE, FALSE);
-        Handle1 =3D Param1 !=3D NULL ? ConvertHandleIndexToHandle ((UINTN)=
Intermediate1) : NULL;
-        ShellConvertStringToUint64 (Param2, &Intermediate2, TRUE, FALSE);
-        Handle2 =3D Param2 !=3D NULL ? ConvertHandleIndexToHandle ((UINTN)=
Intermediate2) : NULL;
-        ShellConvertStringToUint64 (Param3, &Intermediate3, TRUE, FALSE);
-        Handle3 =3D Param3 !=3D NULL ? ConvertHandleIndexToHandle ((UINTN)=
Intermediate3) : NULL;
+        if (!EFI_ERROR (ShellConvertStringToUint64 (Param1, &Intermediate1=
, TRUE, FALSE))) {
+          Handle1 =3D Param1 !=3D NULL ? ConvertHandleIndexToHandle ((UINT=
N)Intermediate1) : NULL;
+        }
+
+        if (!EFI_ERROR (ShellConvertStringToUint64 (Param2, &Intermediate2=
, TRUE, FALSE))) {
+          Handle2 =3D Param2 !=3D NULL ? ConvertHandleIndexToHandle ((UINT=
N)Intermediate2) : NULL;
+        }
+
+        if (!EFI_ERROR (ShellConvertStringToUint64 (Param3, &Intermediate3=
, TRUE, FALSE))) {
+          Handle3 =3D Param3 !=3D NULL ? ConvertHandleIndexToHandle ((UINT=
N)Intermediate3) : NULL;
+        }
=20
         if ((Param1 !=3D NULL) && (Handle1 =3D=3D NULL)) {
           ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_INV_HANDLE)=
, gShellDriver1HiiHandle, L"disconnect", Param1);
diff --git a/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c b/Shell=
Pkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c
index c645c9fd6882..8f70d6b6af39 100644
--- a/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c
+++ b/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c
@@ -438,25 +438,22 @@ ShellCommandRunDrvDiag (
     ControllerHandleStr =3D ShellCommandLineGetRawValue (Package, 2);
     ChildHandleStr      =3D ShellCommandLineGetRawValue (Package, 3);
=20
-    if (DriverHandleStr =3D=3D NULL) {
-      Handle1 =3D NULL;
-    } else {
-      ShellConvertStringToUint64 (DriverHandleStr, &Intermediate, TRUE, FA=
LSE);
+    if ((DriverHandleStr !=3D NULL) && ShellConvertStringToUint64 (DriverH=
andleStr, &Intermediate, TRUE, FALSE)) {
       Handle1 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+    } else {
+      Handle1 =3D NULL;
     }
=20
-    if (ControllerHandleStr =3D=3D NULL) {
-      Handle2 =3D NULL;
-    } else {
-      ShellConvertStringToUint64 (ControllerHandleStr, &Intermediate, TRUE=
, FALSE);
+    if ((ControllerHandleStr !=3D NULL) && ShellConvertStringToUint64 (Con=
trollerHandleStr, &Intermediate, TRUE, FALSE)) {
       Handle2 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+    } else {
+      Handle2 =3D NULL;
     }
=20
-    if (ChildHandleStr =3D=3D NULL) {
-      Handle3 =3D NULL;
-    } else {
-      ShellConvertStringToUint64 (ChildHandleStr, &Intermediate, TRUE, FAL=
SE);
+    if ((ChildHandleStr !=3D NULL) && ShellConvertStringToUint64 (ChildHan=
dleStr, &Intermediate, TRUE, FALSE)) {
       Handle3 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+    } else {
+      Handle3 =3D NULL;
     }
=20
     Status =3D DoDiagnostics (
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96697): https://edk2.groups.io/g/devel/message/96697
Mute This Topic: https://groups.io/mt/95339715/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96698+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96698+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743227; cv=none;
	d=zohomail.com; s=zohoarc;
	b=hXoqpV9Z6/VxbjJ6KvUDrLPOToeDxBToti1dZ6uNQhLNbqFyRxeT93Jf+wPrn7MM/Q/dO0Z145c+J+kTJmJHszTXtc6hV5E7LVTZUBs8DUcVs4RDZcNTB9SqvDZYbVkTemyccT1Z8TCZsFO6yo862oH3wWie/iO+MCd9H5+kxow=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743227;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=p+UmwKjaOXcHxoUSxsr7sxyE6nig6QxCmhGkVqS9ud4=;
	b=et6EsIznxmcaiX2d/ZCaWWc5Sa54MGmWML19Hz9gt0EmT4iDQzqAzmHO2gJP6Qlqm3ch1IL7sbaakkApkhHdiCtqDCBjQHYhnjTrxRx3+bOBkK8gWaH8tZaV48Qy+vpvvjZYyIt8plEmyD1lBK2fwVgcfbvXEw8vqbGpMk4+hJA=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96698+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743227979663.3265762307884;
 Tue, 29 Nov 2022 09:33:47 -0800 (PST)
Return-Path: <bounce+27952+96698+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id rJTrYY1788612xSAQOR1jtAP;
 Tue, 29 Nov 2022 09:33:47 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.156513.1669743227178201536
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:47 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 1277120B717A;
	Tue, 29 Nov 2022 09:33:45 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 1277120B717A
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Eric Dong <eric.dong@intel.com>,
	Erich McMillan <emcmillan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Rahul Kumar <rahul1.kumar@intel.com>,
	Ray Ni <ray.ni@intel.com>
Subject: [edk2-devel] [PATCH v2 10/12] UefiCpuPkg: Fix conditionally
 uninitialized variables
Date: Tue, 29 Nov 2022 12:32:44 -0500
Message-Id: <20221129173246.2182-11-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: JcXAxMSPPqrS2ADF3CBGQNIhx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743227;
 bh=wT964Xw9FiqxSv2PbuXogkzpWv5tY5eIdHdyxvCYA4s=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=p/cBOe6cN3ZINfqNSJ6tG+WDk8s0cdl/xQWOMGFKz7oPuI+Xd5sj/hHy2yapKK/Bw2O
 ulmYyal89aVkcP5FgCSWeC9CJFAmVNY1ZphO15dpFOwiowOkiE4Ef6flJ6iDm2jFurHFk
 GHpQvGz7M+QwNkfqkXH9ctaGhvkvCsY5mc8=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743229001100003
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Eric Dong <eric.dong@intel.com>
Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
 UefiCpuPkg/CpuMpPei/CpuBist.c   | 8 +++++++-
 UefiCpuPkg/CpuMpPei/CpuMpPei.c  | 8 +++++++-
 UefiCpuPkg/CpuMpPei/CpuPaging.c | 9 ++++++++-
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/UefiCpuPkg/CpuMpPei/CpuBist.c b/UefiCpuPkg/CpuMpPei/CpuBist.c
index 7dc93cd784d4..122808139b87 100644
--- a/UefiCpuPkg/CpuMpPei/CpuBist.c
+++ b/UefiCpuPkg/CpuMpPei/CpuBist.c
@@ -175,7 +175,13 @@ CollectBistDataFromPpi (
   EFI_SEC_PLATFORM_INFORMATION_RECORD2  *PlatformInformationRecord2;
   EFI_SEC_PLATFORM_INFORMATION_CPU      *CpuInstanceInHob;
=20
-  MpInitLibGetNumberOfProcessors (&NumberOfProcessors, &NumberOfEnabledPro=
cessors);
+  Status =3D MpInitLibGetNumberOfProcessors (&NumberOfProcessors, &NumberO=
fEnabledProcessors);
+  ASSERT_EFI_ERROR (Status);
+
+  if (EFI_ERROR (Status)) {
+    NumberOfProcessors        =3D 1u;
+    NumberOfEnabledProcessors =3D 1u;
+  }
=20
   BistInformationSize =3D sizeof (EFI_SEC_PLATFORM_INFORMATION_RECORD2) +
                         sizeof (EFI_SEC_PLATFORM_INFORMATION_CPU) * Number=
OfProcessors;
diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.c b/UefiCpuPkg/CpuMpPei/CpuMpPei.c
index e7f1fe9f426c..a84304273168 100644
--- a/UefiCpuPkg/CpuMpPei/CpuMpPei.c
+++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.c
@@ -473,7 +473,13 @@ InitializeMpExceptionStackSwitchHandlers (
     return;
   }
=20
-  MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL);
+  Status =3D MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL);
+  ASSERT_EFI_ERROR (Status);
+
+  if (EFI_ERROR (Status)) {
+    NumberOfProcessors =3D 1u;
+  }
+
   SwitchStackData =3D AllocatePages (EFI_SIZE_TO_PAGES (NumberOfProcessors=
 * sizeof (EXCEPTION_STACK_SWITCH_CONTEXT)));
   ASSERT (SwitchStackData !=3D NULL);
   ZeroMem (SwitchStackData, NumberOfProcessors * sizeof (EXCEPTION_STACK_S=
WITCH_CONTEXT));
diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPagin=
g.c
index 135422225340..1322fcb77f28 100644
--- a/UefiCpuPkg/CpuMpPei/CpuPaging.c
+++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c
@@ -538,6 +538,7 @@ SetupStackGuardPage (
   UINTN                 NumberOfProcessors;
   UINTN                 Bsp;
   UINTN                 Index;
+  EFI_STATUS            Status;
=20
   //
   // One extra page at the bottom of the stack is needed for Guard page.
@@ -547,7 +548,13 @@ SetupStackGuardPage (
     ASSERT (FALSE);
   }
=20
-  MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL);
+  Status =3D MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL);
+  ASSERT_EFI_ERROR (Status);
+
+  if (EFI_ERROR (Status)) {
+    NumberOfProcessors =3D 1u;
+  }
+
   MpInitLibWhoAmI (&Bsp);
   for (Index =3D 0; Index < NumberOfProcessors; ++Index) {
     StackBase =3D 0;
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96698): https://edk2.groups.io/g/devel/message/96698
Mute This Topic: https://groups.io/mt/95339717/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96699+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96699+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743236; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Trr9B8EUHMIJu8ip6yQG5IdT8Fc7+v5O1RZHPuwZVvHPEErPwlYQhX9/gRWOkT4EvCl2wd+sEaRiJM2osxaMrrxnPAjFPjqIlg2zDb9nmzRh51FSfLwGVWWlPw51zEQnm2hiCk2MsoxvsDkvS2KSR3I+7Mzvq2h4C9FHOGLRHzg=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743236;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=Y55z3OSW+Zn+JsqRioAz6SBSevWub6ejU9d6r/ixa2Q=;
	b=aTw4GWeQ14IenETdhrAJgyMRjfNVQFtsBdkLf6yKhGuHY0AmIOPk4aGMwBUWdnPP7sjzrWA/a87yikrfIQN9tlzYg5JQdQwJiDYVL+2brwAW442X/Wz6JsqraTM9p3pxuPEDcNWPR04djSybOlGQwNZGqTAbVh8Is93y98kryLs=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96699+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 16697432367911007.1113218626379;
 Tue, 29 Nov 2022 09:33:56 -0800 (PST)
Return-Path: <bounce+27952+96699+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 043mYY1788612xZziVvdMyo3;
 Tue, 29 Nov 2022 09:33:56 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.156514.1669743230722665705
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:50 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id C393220B717A;
	Tue, 29 Nov 2022 09:33:49 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com C393220B717A
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>
Subject: [edk2-devel] [PATCH v2 11/12] .github/codeql/edk2.qls: Enable CWE
 457, 676, and 758 queries
Date: Tue, 29 Nov 2022 12:32:45 -0500
Message-Id: <20221129173246.2182-12-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: x7FWJCZbB4ohStqXekqMzJaJx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743236;
 bh=po9OsHKHO9m9ne5hRi9TCf+AWW0HvAKXszpVsYY1T1Y=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=ZNofXKECbSGtAP3aDYatUX1FyMo9DANXav73MdAe9HWyft6FuQC25yfHDLC6OwKBqGq
 KWmQP/JlVG2aXwyekVREpqVJ7FAttu1TUdzODZoersXUAneiOl1Va4vel7JExpI+iaEPj
 tByOZJonPrIDQu1P5XAQb2QTnkeYvf40mWA=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743237048100003
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

The previous commits fixed issues with these queries across various
packages. Now that those are resolved, enable the queries in the
edk2 query set so regressions can be found in the future.

Enables:

1. cpp/conditionallyuninitializedvariable
   - CWE: https://cwe.mitre.org/data/definitions/457.html
   - @name Conditionally uninitialized variable
   - @description An initialization function is used to initialize a
                  local variable, but the returned status code is
                  not checked. The variable may be left in an
                  uninitialized state, and reading the variable may
                  result in undefined behavior.
   - @kind problem
   - @problem.severity warning
   - @security-severity 7.8
   - @id cpp/conditionally-uninitialized-variable
   - @tags security
     - external/cwe/cwe-457
2. cpp/pointer-overflow-check
   - CWE: https://cwe.mitre.org/data/definitions/758.html
   - @name Pointer overflow check
   - @description Adding a value to a pointer to check if it
                  overflows relies on undefined behavior and
                  may lead to memory corruption.
   - @kind problem
   - @problem.severity error
   - @security-severity 2.1
   - @precision high
   - @id cpp/pointer-overflow-check
   - @tags reliability
     - security
     - external/cwe/cwe-758
3. cpp/potential-buffer-overflow
   - CWE: https://cwe.mitre.org/data/definitions/676.html
   - @name Potential buffer overflow
   - @description Using a library function that does not check
                  buffer bounds requires the surrounding program
                  to be very carefully written to avoid buffer
                  overflows.
   - @kind problem
   - @id cpp/potential-buffer-overflow
   - @problem.severity warning
   - @security-severity 10.0
   - @tags reliability
     - security
     - external/cwe/cwe-676
   - @deprecated This query is deprecated, use
                 Potentially overrunning write
                 (`cpp/overrunning-write`) and
                 Potentially overrunning write with float to string
                 conversion
                 (`cpp/overrunning-write-with-float`) instead.

Note that cpp/potential-buffer-overflow is deprecated. This query
will be updated to the succeeding queries in the next commit. The
query is used in this commit to show that we considered and tested
the query in history.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
---
 .github/codeql/edk2.qls | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/codeql/edk2.qls b/.github/codeql/edk2.qls
index ef9aae790f5f..dc2d87764e93 100644
--- a/.github/codeql/edk2.qls
+++ b/.github/codeql/edk2.qls
@@ -8,7 +8,14 @@
=20
 # Enable individual queries below.
=20
+- include:
+    id: cpp/conditionallyuninitializedvariable
 - include:
     id: cpp/infinite-loop-with-unsatisfiable-exit-condition
 - include:
     id: cpp/overflow-buffer
+- include:
+    id: cpp/pointer-overflow-check
+- include:
+    id: cpp/potential-buffer-overflow
+
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96699): https://edk2.groups.io/g/devel/message/96699
Mute This Topic: https://groups.io/mt/95339720/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Thu Apr 25 19:59:16 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+96700+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96700+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1669743236; cv=none;
	d=zohomail.com; s=zohoarc;
	b=UDrEWII2A6uQCEe/ceN7F9hCxsfGGjP+rYElkt67pNEcIYXoWDUU7wPW62vREMOlCiMGF5fI0Uw1CfZQY9UuRuKeAfBOHTI6U2Fe18cB/1K0GZvuHdLAKg01waGjdy9nE3UE8YRX1Epqd79JHMEEcPlHHajnpSbrbgSeT5x3IWM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669743236;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=S0GcLku9qoytVFhsdVTZWCfmfR+c/k6VgghF6vjXqF4=;
	b=l90/Qgxuz/UXhDWQcIoEiM7d7JztbPsIX4REPacUrdmYVHXiT2BW56uJL3tNVauTrwodBipRoYDApdVf3CE4zZppMMz5cos7vjx3z1y0JiJsntK8MYxk7k/ohLeeSPm57d46H7rM+lMT5SK7PNcdbG0thVY4pHkAbywvD02zCoM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+96700+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1669743236283817.1704159888749;
 Tue, 29 Nov 2022 09:33:56 -0800 (PST)
Return-Path: <bounce+27952+96700+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id x1u3YY1788612xcZYUKKBdHx;
 Tue, 29 Nov 2022 09:33:55 -0800
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.157040.1669743234254459992
 for <devel@edk2.groups.io>;
 Tue, 29 Nov 2022 09:33:54 -0800
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 632E720B717A;
	Tue, 29 Nov 2022 09:33:53 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 632E720B717A
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>
Subject: [edk2-devel] [PATCH v2 12/12] .github/codeql/edk2.qls: Enable CWE
 120, 787, and 805 queries
Date: Tue, 29 Nov 2022 12:32:46 -0500
Message-Id: <20221129173246.2182-13-mikuback@linux.microsoft.com>
In-Reply-To: <20221129173246.2182-1-mikuback@linux.microsoft.com>
References: <20221129173246.2182-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: vvlzXR4WkNq5qMLy4vVskFK7x1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1669743235;
 bh=i/l75sEDRsKZakBzpZlijjFqa/a/9r+22Loocpm8rYk=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=oWBL3COWBYBfVCxmenCxfqzEeSp8AwGNxEoSG9a1R78K/ZxLSl89VWTTZm8JpESmmRg
 x1VvQKK0AREkRHhPSCbetmnAIztUiIF8hB8nCWCITxNhAvHUADxSqPXJ9W7JPPTh4Kpc1
 8nv0k5SOf3SocfTBlJil01NifGrXUkyRN08=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1669743237041100001
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

As recommended by CodeQL this change replaces
cpp/potential-buffer-overflow with cpp/overrunning-write-with-float
and cpp/overrunning-write.

Enables:

1. cpp/overrunning-write
   - @name Likely overrunning write
   - @description Buffer write operations that do not control the length
                  data written may overflow
   - @kind problem
   - @problem.severity error
   - @security-severity 9.3
   - @precision high
   - @id cpp/very-likely-overrunning-write
   - @tags reliability
     - security
     - external/cwe/cwe-120
     - external/cwe/cwe-787
     - external/cwe/cwe-805
2. cpp/overrunning-write-with-float
   - @name Potentially overrunning write with float to string conversion
   - @description Buffer write operations that do not control the length
                  of data written may overflow when floating point inputs
                  take extreme values.
   - @kind problem
   - @problem.severity error
   - @security-severity 9.3
   - @precision medium
   - @id cpp/overrunning-write-with-float
   - @tags reliability
     - security
     - external/cwe/cwe-120
     - external/cwe/cwe-787
     - external/cwe/cwe-805
3. cpp/very-likely-overrunning-write
   - @name Likely overrunning write
   - @description Buffer write operations that do not control the length
                  of data written may overflow
   - @kind problem
   - @problem.severity error
   - @security-severity 9.3
   - @precision high
   - @id cpp/very-likely-overrunning-write
   - @tags reliability
     - security
     - external/cwe/cwe-120
     - external/cwe/cwe-787
     - external/cwe/cwe-805

- CWEs:
  - https://cwe.mitre.org/data/definitions/120.html
  - https://cwe.mitre.org/data/definitions/787.html
  - https://cwe.mitre.org/data/definitions/805.html

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
---
 .github/codeql/edk2.qls | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.github/codeql/edk2.qls b/.github/codeql/edk2.qls
index dc2d87764e93..9bea9ba01f24 100644
--- a/.github/codeql/edk2.qls
+++ b/.github/codeql/edk2.qls
@@ -14,8 +14,11 @@
     id: cpp/infinite-loop-with-unsatisfiable-exit-condition
 - include:
     id: cpp/overflow-buffer
+- include:
+    id: cpp/overrunning-write
+- include:
+    id: cpp/overrunning-write-with-float
 - include:
     id: cpp/pointer-overflow-check
 - include:
-    id: cpp/potential-buffer-overflow
-
+    id: cpp/very-likely-overrunning-write
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#96700): https://edk2.groups.io/g/devel/message/96700
Mute This Topic: https://groups.io/mt/95339722/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-