From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101845+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101845+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697058; cv=none;
	d=zohomail.com; s=zohoarc;
	b=lv0283MbjOosGnNU/RBL2u1V7h2DV0dVw22/5aAWtEukUTBF/u4TyOp5t6OFKOn/YvllHIB+4O7PXkF+nU5jojNiwLQjmbDj8/gFITTRZHf+7vXkEuWe4DyM09X+8Uhz+e8THlwKPIxs7KQxgnaIkPI0PmsrdZRNOPqgXGiWHd8=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697058;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=9UzBe/eKT+QcvelKyafJAfKidgayeWbh3H8yrhXqnU4=;
	b=V8JjQtgolV6YEyvNxRDCy5EL/1teSrMBXMlvHXYMQJell3NQD07+upTkBr/SL1f9v9fg2oLpGMEDcwxaE1BVZ7XvVHC5r57xJ+xvdDeaNcrwLd/9Hb/1LiPPMpFmzR4lxoAR7cGOE4fiSI/3Fe4FfvIO6JagmXbcqKiA+ByenJk=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101845+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697058360947.0032667548893;
 Fri, 24 Mar 2023 15:30:58 -0700 (PDT)
Return-Path: <bounce+27952+101845+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 3rGmYY1788612xJHtQHQhVzr;
 Fri, 24 Mar 2023 15:30:57 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10560.1679697057424521658
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:30:57 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id DD5FE20FC45C;
	Fri, 24 Mar 2023 15:30:55 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com DD5FE20FC45C
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Dandan Bi <dandan.bi@intel.com>,
	Erich McMillan <emcmillan@microsoft.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Star Zeng <star.zeng@intel.com>,
	Zhichao Gao <zhichao.gao@intel.com>,
	Zhiguang Liu <zhiguang.liu@intel.com>,
	Michael Kubacki <michael.kubacki@microsoft.com>
Subject: [edk2-devel] [PATCH v7 01/12] MdeModulePkg/SmbiosDxe: Fix pointer and
 buffer overflow CodeQL alerts
Date: Fri, 24 Mar 2023 18:30:23 -0400
Message-Id: <20230324223034.1560-2-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: OXXLNroIZM3kUA3kV1UanWgzx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697057;
 bh=ckeWb/scL/Jo86XLUmYUoYcTySPK1PYT2Pk/1hjvJNs=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=i/Hj/6XUNT40Qxgxe1+i+Qhc5vxvWH+SnUSmlNssPp13qXbTKvOsoRZ8XLaWKqWEqH5
 2aT15SpJOEaVP5dc7bteAfB5PN/w76EE9rqbfSZwRTwb4WLjOwBjmtyTB6Tom76Svan0G
 EZNi0sbOaAwgV1Uj2LrpY7lflDjeSfJC0lk=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697059464100002
Content-Type: text/plain; charset="utf-8"

From: Erich McMillan <emcmillan@microsoft.com>

Details for these CodeQL alerts can be found here:

- Pointer overflow check (cpp/pointer-overflow-check):
  - https://cwe.mitre.org/data/definitions/758.html

- Potential buffer overflow check (cpp/potential-buffer-overflow):
  - https://cwe.mitre.org/data/definitions/676.html

CodeQL alert:

  - Line 1612 in MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c
    - Type: Pointer overflow check
    - Severity: Low
    - Problem: Range check relying on pointer overflow

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Co-authored-by: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Erich McMillan <emcmillan@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c b/MdeModulePkg/Un=
iversal/SmbiosDxe/SmbiosDxe.c
index 1d43adc7662c..dd077bb0cf19 100644
--- a/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c
+++ b/MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.c
@@ -1608,9 +1608,7 @@ ParseAndAddExistingSmbiosTable (
     //
     // Make sure not to access memory beyond SmbiosEnd
     //
-    if ((Smbios.Raw + sizeof (SMBIOS_STRUCTURE) > SmbiosEnd.Raw) ||
-        (Smbios.Raw + sizeof (SMBIOS_STRUCTURE) < Smbios.Raw))
-    {
+    if ((UINTN)(SmbiosEnd.Raw - Smbios.Raw) < sizeof (SMBIOS_STRUCTURE)) {
       return EFI_INVALID_PARAMETER;
     }
=20
@@ -1625,9 +1623,7 @@ ParseAndAddExistingSmbiosTable (
     // Make sure not to access memory beyond SmbiosEnd
     // Each structure shall be terminated by a double-null (0000h).
     //
-    if ((Smbios.Raw + Smbios.Hdr->Length + 2 * sizeof (UINT8) > SmbiosEnd.=
Raw) ||
-        (Smbios.Raw + Smbios.Hdr->Length + 2 * sizeof (UINT8) < Smbios.Raw=
))
-    {
+    if ((UINTN)(SmbiosEnd.Raw - Smbios.Raw) < (Smbios.Hdr->Length + 2U)) {
       return EFI_INVALID_PARAMETER;
     }
=20
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101845): https://edk2.groups.io/g/devel/message/101845
Mute This Topic: https://groups.io/mt/97834564/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101846+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101846+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697063; cv=none;
	d=zohomail.com; s=zohoarc;
	b=XACjVzUp/3SQY47U41zi09x8WiwKFNJq08+6z+3f18VOlYjmPrOLAk6A6/4ttwzPijakRJ2vaIppEdNZAg1nKcJwwXLVWrx7ohnchZ0EE4F+qEq1PxsuJ1WSzUxk3jYW8Ngm1HtU29VAQKt3jk4ywhi/gHudz3xFIMLFNLjXMt4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697063;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=lHVuSo4ru8Q4YeMLqYjKgS+z3iSQbIOLrkNxinLdTO0=;
	b=LqAs7gh8sFTcnHNUBtYer5YdBk+VRaRqZ3HvAZj+tmaKHd6TTAL9VVSgZK1sZ69vZRzqBmgCFd7vgdwnRqlhdDQwLyoXsO/EsP2WRWTp7b9FZ02SHKVT3C6NLHX3aHbI0DiCdV0gU+PMRTKJYLPVBF8ZJJ1rkMSP94ABpKnE+TE=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101846+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697063363411.932004884972;
 Fri, 24 Mar 2023 15:31:03 -0700 (PDT)
Return-Path: <bounce+27952+101846+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id Bh9GYY1788612xOgnpMBbbtH;
 Fri, 24 Mar 2023 15:31:03 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10566.1679697062050366163
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:02 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id B1C0920FC4D5;
	Fri, 24 Mar 2023 15:30:58 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com B1C0920FC4D5
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Rebecca Cran <rebecca@bsdio.com>,
	Bob Feng <bob.c.feng@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Yuwei Chen <yuwei.chen@intel.com>
Subject: [edk2-devel] [PATCH v7 02/12] BaseTools/PatchCheck.py: Add PCCTS to
 tab exemption list
Date: Fri, 24 Mar 2023 18:30:24 -0400
Message-Id: <20230324223034.1560-3-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: D3CRS499Qqrbht1uyTKb7uWtx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697063;
 bh=ssW6mWg9hISrL/jgz00DwaHRrnMKjFKjXVssWH/JC40=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=kDU0YKGBqV04ENmDG4nbvJa8DLe/mGbR4amXcKrixyLyYdfQMG+//5e0Me07u5KuEGK
 ABKPVzzaBEvcBcjX+KWb3eNEYzZr8ibXfESNHAFwJSkN6TDP8NeDEAyIkZJ4mLfHlZZ9U
 bYUfpU/gP5csCjfdKwFpIBtuzGNx59paYoA=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697065548100005
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Purdue Compiler Construction Tool Set (PCCTS) source code was copied/
pasted into BaseTools/Source/C/VfrCompile/Pccts/.

The code contains tab characters instead of spaces.

PatchCheck.py gives an error on modifications to files that
contain tabs.

The goal of my upcoming change there is not to mix tabs and spaces
but to fix a bug while preserving its current formatting characters.

This change adds that directory to the pre-existing list of
directories in which tab checks are ignored in PatchCheck.py
and also updates the check for makefiles to check for *.makefile:
this allows {header,footer,app,lib}.makefile in
BaseTools/Source/C/Makefiles to be detected and avoid having
PatchCheck.py complain about tab characters.

The check for "Makefile" is updated to be case-insensitive since
there are some Makefiles named 'makefile' instead of 'Makefile'.

Co-authored-by: Rebecca Cran <rebecca@bsdio.com>
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
Reviewed-by: Rebecca Cran <rebecca@bsdio.com>
---
 BaseTools/Scripts/PatchCheck.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/BaseTools/Scripts/PatchCheck.py b/BaseTools/Scripts/PatchCheck=
.py
index fcdabfc8acea..5d17d99a12ef 100755
--- a/BaseTools/Scripts/PatchCheck.py
+++ b/BaseTools/Scripts/PatchCheck.py
@@ -383,7 +383,10 @@ class GitDiffCheck:
                     self.force_crlf =3D False
                     self.force_notabs =3D False
                 if os.path.basename(self.filename) =3D=3D 'GNUmakefile' or=
 \
-                   os.path.basename(self.filename) =3D=3D 'Makefile':
+                   os.path.basename(self.filename).lower() =3D=3D 'makefil=
e' or \
+                   os.path.splitext(self.filename)[1] =3D=3D '.makefile' o=
r \
+                   self.filename.startswith(
+                        'BaseTools/Source/C/VfrCompile/Pccts/'):
                     self.force_notabs =3D False
             elif len(line.rstrip()) !=3D 0:
                 self.format_error("didn't find diff command")
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101846): https://edk2.groups.io/g/devel/message/101846
Mute This Topic: https://groups.io/mt/97834567/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101847+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101847+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697062; cv=none;
	d=zohomail.com; s=zohoarc;
	b=RLy6ThCTnK/q9Ijjhep+45ej9juGfybfzDMWHAuN9Fi9vONmS6fPEE6Icnruu791POKSHHnZfkSU3na8kHHTnJoM/NGTst1j214KGX675ZLD2Qyr5ozu4PvXq0l2T9pxb5RZXHmP5asj/i0XirfQAXzaW1FfQOWFgzl3V/Ivid0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697062;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=r4Ef3G7zdBads76M5wlp8EjxEAvpX+0QV1OdAUKc+PA=;
	b=EyGMxzV7KVsA2rVgyJZMCgfeHvk6INxs9535KNZF8yHQP4PsJaSCMxCJJHGNw/n0sdk5fk1VxE3nE/UnvpETGBsDBDaITSuPl6QI6V/AlnMb0mQwW/Gxm6XIUkiKlcxXTZq3g7Hx0b3bxqZNhpt3ABPp7xs1eohLwZv6S1Nvz3g=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101847+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697062921566.9264056881862;
 Fri, 24 Mar 2023 15:31:02 -0700 (PDT)
Return-Path: <bounce+27952+101847+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 5Lh0YY1788612xpHz7ZApkBv;
 Fri, 24 Mar 2023 15:31:02 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10567.1679697062114083306
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:02 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id E09C020FC3CF;
	Fri, 24 Mar 2023 15:31:00 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com E09C020FC3CF
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Bob Feng <bob.c.feng@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Yuwei Chen <yuwei.chen@intel.com>
Subject: [edk2-devel] [PATCH v7 03/12] BaseTools/VfrCompile: Fix potential
 buffer overwrites
Date: Fri, 24 Mar 2023 18:30:25 -0400
Message-Id: <20230324223034.1560-4-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: DManDPlGJYgQP5gafRVIOv0px1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697062;
 bh=JA2IfC3qAhumnq+hlHPe2pI270kBUyKGVyONGHaQtG8=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=Jz2FHwoEQ/HW6QMH5ncrGqoSMsY6+zO/8E5hyra4S0ScM8QN3wDh9uYO9kXz8QOQw9l
 FNB8ytEF2Fgmvd68VxdlmZC0a8n68eBVeP0RvApFLRH0nVLT4gEmiZRvSoxxB3Qa1WNuG
 pgwg20vQEos+iHQSbeSMEFVQBzPVYP+seq4=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697063511100002
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

While more portable methods exist to handle these cases, this change
does not attempt to do more than fix the immediate problem and
follow the conventions already established in this code.

`snprintf()` is introduced as the minimum improvement apart from
making the buffers larger.

Fixes the following CodeQL alerts:

1. Failure on line 2339 in
   BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c

   - Type: Potentially overrunning write
   - Severity: Critical
   - Problem: This 'call to sprintf' operation requires 17 bytes but
     the destination is only 16 bytes.

2. Failure on line 2341 in
   BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c

   - Type: Potentially overrunning write
   - Severity: Critical
   - Problem: This 'call to sprintf' operation requires 17 bytes but
     the destination is only 16 bytes.

3. Failure on line 1309 in
   BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c

   - Type: Potentially overrunning write
   - Severity: Critical
   - Problem: This 'call to sprintf' operation requires 25 bytes but
     the destination is only 20 bytes.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c  | 10 +++++-----
 BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c b/BaseTools/So=
urce/C/VfrCompile/Pccts/antlr/gen.c
index 8e41239f4751..33d9cac4c7de 100644
--- a/BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c
+++ b/BaseTools/Source/C/VfrCompile/Pccts/antlr/gen.c
@@ -2331,14 +2331,14 @@ TokNode *p;
 			set_nameErrSet =3D bufErrSet;								/* MR23 */
 		}
 		else {					/* wild card */
-			static char buf[sizeof("zzerr")+10];
-			static char bufErrSet[sizeof("zzerr")+10];
+			static char buf[sizeof("zzerr")+11];
+			static char bufErrSet[sizeof("zzerr")+11];
 			int n =3D DefErrSet( &b, 0, NULL );
 			int nErrSet =3D DefErrSetWithSuffix(0, &bErrSet, 1, NULL, "_set");
-			if ( GenCC ) sprintf(buf, "err%d", n);
-			else sprintf(buf, "zzerr%d", n);
+			if ( GenCC ) snprintf(buf, 11, "err%d", n);
+			else snprintf(buf, 11, "zzerr%d", n);
 			if ( GenCC ) sprintf(bufErrSet, "err%d", nErrSet);
-			else sprintf(bufErrSet, "zzerr%d", nErrSet);
+			else snprintf(bufErrSet, 11, "zzerr%d", nErrSet);
 			set_name =3D buf;
 			set_nameErrSet =3D bufErrSet;
 		}
diff --git a/BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c b/BaseTools/S=
ource/C/VfrCompile/Pccts/antlr/main.c
index 051ee4ec5d28..488b4b90461c 100644
--- a/BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c
+++ b/BaseTools/Source/C/VfrCompile/Pccts/antlr/main.c
@@ -1295,7 +1295,7 @@ int token;
 #endif
 {
 	int     j;
-        static    char    imag_name[20];
+        static    char    imag_name[25];
=20
 	/* look in all lexclasses for the token */
 	if ( TokenString(token) !=3D NULL ) return TokenString(token);
@@ -1306,7 +1306,7 @@ int token;
 	}
=20
     if (1) {
-      sprintf(imag_name,"UnknownToken#%d",token);           /* MR13 */
+      snprintf(imag_name, 25, "UnknownToken#%d", token);    /* MR13 */
       return imag_name;                                     /* MR13 */
     }
=20
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101847): https://edk2.groups.io/g/devel/message/101847
Mute This Topic: https://groups.io/mt/97834568/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101848+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101848+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697068; cv=none;
	d=zohomail.com; s=zohoarc;
	b=c+prQKGheaMiqk139B+CBSdNEK6ugprL0kEmrOIKKWIjGFGDcNBYLahGqXlf/JOcbNT7nRu2Th6E2Rq7VIRgeU+g0EOcuS4+EOl7MFDic32lfq5/vWnQ8zfdE8YdLoUjpN2E9eSrNge2N/pEKPK2ol/kMVL/y8W6MlMRqtLOgEY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697068;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=S5YVK/sXobcxop+RZQK8xNtpo5NZ0Zh0YoeNfa4gXrU=;
	b=IW9EkFT/30lNWXgHIXRpeBmN3MyNekk1b285ksAn05WXL/fUF6ipau3Tek2jyfnOsPwXHzHLPI/ZrRC1R3vRlFBhApKvq65QRWPa0Zd2NzzN+pyY9GFJtALRW2OewIDzJ6RdTML3SWhp972Tt+uQq4R0KzDtI5iB/efMtK2h/HY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101848+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697068518792.818856303906;
 Fri, 24 Mar 2023 15:31:08 -0700 (PDT)
Return-Path: <bounce+27952+101848+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id ae8GYY1788612x4npXqQTSDi;
 Fri, 24 Mar 2023 15:31:08 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10571.1679697067391900146
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:07 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 1C94020FC45C;
	Fri, 24 Mar 2023 15:31:04 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 1C94020FC45C
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Guomin Jiang <guomin.jiang@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Xiaoyu Lu <xiaoyu1.lu@intel.com>,
	Jiewen Yao <Jiewen.yao@intel.com>
Subject: [edk2-devel] [PATCH v7 04/12] CryptoPkg: Fix conditionally
 uninitialized variable
Date: Fri, 24 Mar 2023 18:30:26 -0400
Message-Id: <20230324223034.1560-5-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: fZajGVYD2xNeX1R2cTFm2N5Ix1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697068;
 bh=5gKOK1/bGxN84pSbAdYKeJYCMXlJwqOONm8bx9y7tZ0=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=n6UHolbnD5RXI2BU4DyA8kw4QXUX5ShpevO1uJSVkB5PXSR4LLIMUNKSDZrNCJP7GHu
 jXv2ZTQTnlYnor3iEi1BYcUE2JB834XuOtqTuY+U3zKQ8dxbYI2pZSJG7PeH5v23z3kzu
 ZBHzqgsaOs2/x5fFaTyOh3Gysgk1Vr/mxNY=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697069511100001
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Checks the return value from `ASN1_get_object()` to verify values
set by the function are valid.

Note that the function returns literal `0x80`:
    `return (0x80);`

That is used to check the return value is as the case in other areas
of the code.

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 21 +++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr=
ary/BaseCryptLib/Pk/CryptX509.c
index 2333157e0d17..1182323b63ee 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -807,6 +807,7 @@ X509GetTBSCert (
   UINT32       Asn1Tag;
   UINT32       ObjClass;
   UINTN        Length;
+  UINTN        Inf;
=20
   //
   // Check input parameters.
@@ -836,9 +837,9 @@ X509GetTBSCert (
   //
   Temp   =3D Cert;
   Length =3D 0;
-  ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjCla=
ss, (long)CertSize);
+  Inf    =3D ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (in=
t *)&ObjClass, (long)CertSize);
=20
-  if (Asn1Tag !=3D V_ASN1_SEQUENCE) {
+  if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) {
     return FALSE;
   }
=20
@@ -848,7 +849,7 @@ X509GetTBSCert (
   //
   // Verify the parsed TBSCertificate is one correct SEQUENCE data.
   //
-  if (Asn1Tag !=3D V_ASN1_SEQUENCE) {
+  if (((Inf & 0x80) =3D=3D 0x00) && (Asn1Tag !=3D V_ASN1_SEQUENCE)) {
     return FALSE;
   }
=20
@@ -1888,18 +1889,20 @@ Asn1GetTag (
   IN     UINT32   Tag
   )
 {
-  UINT8  *PtrOld;
-  INT32  ObjTag;
-  INT32  ObjCls;
-  long   ObjLength;
+  UINT8   *PtrOld;
+  INT32   ObjTag;
+  INT32   ObjCls;
+  long    ObjLength;
+  UINT32  Inf;
=20
   //
   // Save Ptr position
   //
   PtrOld =3D *Ptr;
=20
-  ASN1_get_object ((CONST UINT8 **)Ptr, &ObjLength, &ObjTag, &ObjCls, (INT=
32)(End - (*Ptr)));
-  if ((ObjTag =3D=3D (INT32)(Tag & CRYPTO_ASN1_TAG_VALUE_MASK)) &&
+  Inf =3D ASN1_get_object ((CONST UINT8 **)Ptr, &ObjLength, &ObjTag, &ObjC=
ls, (INT32)(End - (*Ptr)));
+  if (((Inf & 0x80) =3D=3D 0x00) &&
+      (ObjTag =3D=3D (INT32)(Tag & CRYPTO_ASN1_TAG_VALUE_MASK)) &&
       (ObjCls =3D=3D (INT32)(Tag & CRYPTO_ASN1_TAG_CLASS_MASK)))
   {
     *Length =3D (UINTN)ObjLength;
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101848): https://edk2.groups.io/g/devel/message/101848
Mute This Topic: https://groups.io/mt/97834577/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101849+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101849+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697069; cv=none;
	d=zohomail.com; s=zohoarc;
	b=FOqjM3xtEO5d7ty0nuciwl75aFp5PPe++FY1D2tYWAk3/km3g22WMePR7VAySflcKTUWs2o2RbltrBB1y4nIn1Jtbjp/wTguh4shmcSRf11mxKr87b1atB/rAeLnnnJT5fIABbAIBFDyN3bJfOEQQcbyFDX0LnOte8v7Q3xgQ5c=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697069;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=vL40JR9K0dyguGTAPRNyMr9OVxKVsMda5k6Xb4nWcVk=;
	b=IDSECfQ/sYsjfX4blXc/IVkHk+IKPko4/+KblOdVxEr9ab6Ir7O5J2VjZ74avBQzvBSUNOVSYRd91m7X3BAgfE2MpgBhqBPbOeUQVhEc8Ko0FY9tusFc5jlakpDsLwNrhgcRpz/m5/DsHNhkCZYPH/IMNujrlbUKpYPoOzjUssg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101849+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 16796970697221023.3778037036624;
 Fri, 24 Mar 2023 15:31:09 -0700 (PDT)
Return-Path: <bounce+27952+101849+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id j2kUYY1788612xhkQ3H1uO4U;
 Fri, 24 Mar 2023 15:31:09 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.10539.1679697068623557112
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:08 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 26B8520FC46C;
	Fri, 24 Mar 2023 15:31:07 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 26B8520FC46C
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Dandan Bi <dandan.bi@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Erich McMillan <emcmillan@microsoft.com>,
	Guomin Jiang <guomin.jiang@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Ray Ni <ray.ni@intel.com>,
	Zhichao Gao <zhichao.gao@intel.com>
Subject: [edk2-devel] [PATCH v7 05/12] MdeModulePkg: Fix conditionally
 uninitialized variables
Date: Fri, 24 Mar 2023 18:30:27 -0400
Message-Id: <20230324223034.1560-6-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: nvu0Sw9Vcj0WAlSoHoxp2hVFx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697069;
 bh=j2yhqZhXUL7r9j/W/sFMlnCVFA6YOzrboshr5O1rhc8=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=qyQiyva1qObS/gQSJjDTTCRY5qDoBKMuB6YMI4GSsS8u5B9ydA0ecWsFjHGC03LqjPB
 ykWvPasdR1MSkCJBhfJDsObIQ1mE2nIP7sMtGWMIsitq2a6COOiRGxA6WikMkBojUZVVO
 TIYqA3YP0SseGmo3s+4wxZyzTvlcRGyDnoA=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697071576100006
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c                        |  5 +--
 MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c                           | 24 +++++++=
+------
 MdeModulePkg/Core/Dxe/Mem/Page.c                              | 17 +++++--=
---
 MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c | 25 +++++++=
++------
 MdeModulePkg/Library/FileExplorerLib/FileExplorer.c           |  5 ++-
 MdeModulePkg/Universal/BdsDxe/BdsEntry.c                      | 33 +++++++=
++++---------
 MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c      | 11 ++++---
 MdeModulePkg/Universal/HiiDatabaseDxe/Font.c                  | 14 ++++++-=
--
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c         |  2 +-
 9 files changed, 80 insertions(+), 56 deletions(-)

diff --git a/MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c b/MdeModulePkg/Bus/Pci/=
PciBusDxe/PciIo.c
index 843815d0cb18..14bed5472958 100644
--- a/MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c
+++ b/MdeModulePkg/Bus/Pci/PciBusDxe/PciIo.c
@@ -1407,6 +1407,7 @@ SupportPaletteSnoopAttributes (
   IN EFI_PCI_IO_PROTOCOL_ATTRIBUTE_OPERATION  Operation
   )
 {
+  EFI_STATUS     Status;
   PCI_IO_DEVICE  *Temp;
   UINT16         VGACommand;
=20
@@ -1444,13 +1445,13 @@ SupportPaletteSnoopAttributes (
   // Check if they are on the same bus
   //
   if (Temp->Parent =3D=3D PciIoDevice->Parent) {
-    PCI_READ_COMMAND_REGISTER (Temp, &VGACommand);
+    Status =3D PCI_READ_COMMAND_REGISTER (Temp, &VGACommand);
=20
     //
     // If they are on the same bus, either one can
     // be set to snoop, the other set to decode
     //
-    if ((VGACommand & EFI_PCI_COMMAND_VGA_PALETTE_SNOOP) !=3D 0) {
+    if (!EFI_ERROR (Status) && ((VGACommand & EFI_PCI_COMMAND_VGA_PALETTE_=
SNOOP) !=3D 0)) {
       //
       // VGA has set to snoop, so GFX can be only set to disable snoop
       //
diff --git a/MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c b/MdeModulePkg/Bus/Pci/Uhc=
iDxe/Uhci.c
index 48741085e507..496ffbd5c4cc 100644
--- a/MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c
+++ b/MdeModulePkg/Bus/Pci/UhciDxe/Uhci.c
@@ -730,10 +730,12 @@ Uhci2ControlTransfer (
=20
   Uhc->PciIo->Flush (Uhc->PciIo);
=20
-  *TransferResult =3D QhResult.Result;
+  if (!EFI_ERROR (Status)) {
+    *TransferResult =3D QhResult.Result;
=20
-  if (DataLength !=3D NULL) {
-    *DataLength =3D QhResult.Complete;
+    if (DataLength !=3D NULL) {
+      *DataLength =3D QhResult.Complete;
+    }
   }
=20
   UhciDestoryTds (Uhc, TDs);
@@ -884,9 +886,11 @@ Uhci2BulkTransfer (
=20
   Uhc->PciIo->Flush (Uhc->PciIo);
=20
-  *TransferResult =3D QhResult.Result;
-  *DataToggle     =3D QhResult.NextToggle;
-  *DataLength     =3D QhResult.Complete;
+  if (!EFI_ERROR (Status)) {
+    *TransferResult =3D QhResult.Result;
+    *DataToggle     =3D QhResult.NextToggle;
+    *DataLength     =3D QhResult.Complete;
+  }
=20
   UhciDestoryTds (Uhc, TDs);
   Uhc->PciIo->Unmap (Uhc->PciIo, DataMap);
@@ -1210,9 +1214,11 @@ Uhci2SyncInterruptTransfer (
   UhciUnlinkTdFromQh (Uhc->SyncIntQh, TDs);
   Uhc->PciIo->Flush (Uhc->PciIo);
=20
-  *TransferResult =3D QhResult.Result;
-  *DataToggle     =3D QhResult.NextToggle;
-  *DataLength     =3D QhResult.Complete;
+  if (!EFI_ERROR (Status)) {
+    *TransferResult =3D QhResult.Result;
+    *DataToggle     =3D QhResult.NextToggle;
+    *DataLength     =3D QhResult.Complete;
+  }
=20
   UhciDestoryTds (Uhc, TDs);
   Uhc->PciIo->Unmap (Uhc->PciIo, DataMap);
diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P=
age.c
index 5903ce7ab525..41af50b3d5ab 100644
--- a/MdeModulePkg/Core/Dxe/Mem/Page.c
+++ b/MdeModulePkg/Core/Dxe/Mem/Page.c
@@ -449,14 +449,15 @@ PromoteMemoryResource (
     //
     Promoted =3D PromoteGuardedFreePages (&StartAddress, &EndAddress);
     if (Promoted) {
-      CoreGetMemorySpaceDescriptor (StartAddress, &Descriptor);
-      CoreAddRange (
-        EfiConventionalMemory,
-        StartAddress,
-        EndAddress,
-        Descriptor.Capabilities & ~(EFI_MEMORY_PRESENT | EFI_MEMORY_INITIA=
LIZED |
-                                    EFI_MEMORY_TESTED | EFI_MEMORY_RUNTIME)
-        );
+      if (!EFI_ERROR (CoreGetMemorySpaceDescriptor (StartAddress, &Descrip=
tor))) {
+        CoreAddRange (
+          EfiConventionalMemory,
+          StartAddress,
+          EndAddress,
+          Descriptor.Capabilities & ~(EFI_MEMORY_PRESENT | EFI_MEMORY_INIT=
IALIZED |
+                                      EFI_MEMORY_TESTED | EFI_MEMORY_RUNTI=
ME)
+          );
+      }
     }
   }
=20
diff --git a/MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c =
b/MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c
index cdaa2db15365..e22aaf3039f1 100644
--- a/MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c
+++ b/MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootOption.c
@@ -909,23 +909,28 @@ BootFromFile (
   IN EFI_DEVICE_PATH_PROTOCOL  *FilePath
   )
 {
+  EFI_STATUS                    Status;
   EFI_BOOT_MANAGER_LOAD_OPTION  BootOption;
   CHAR16                        *FileName;
=20
+  Status   =3D EFI_NOT_STARTED;
   FileName =3D NULL;
=20
   FileName =3D ExtractFileNameFromDevicePath (FilePath);
   if (FileName !=3D NULL) {
-    EfiBootManagerInitializeLoadOption (
-      &BootOption,
-      0,
-      LoadOptionTypeBoot,
-      LOAD_OPTION_ACTIVE,
-      FileName,
-      FilePath,
-      NULL,
-      0
-      );
+    Status =3D EfiBootManagerInitializeLoadOption (
+               &BootOption,
+               0,
+               LoadOptionTypeBoot,
+               LOAD_OPTION_ACTIVE,
+               FileName,
+               FilePath,
+               NULL,
+               0
+               );
+  }
+
+  if (!EFI_ERROR (Status)) {
     //
     // Since current no boot from removable media directly is allowed */
     //
diff --git a/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c b/MdeModul=
ePkg/Library/FileExplorerLib/FileExplorer.c
index ef949267fcc2..804a03d868f2 100644
--- a/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c
+++ b/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c
@@ -1075,7 +1075,10 @@ LibCreateNewFile (
   NewHandle    =3D NULL;
   FullFileName =3D NULL;
=20
-  LibGetFileHandleFromDevicePath (gFileExplorerPrivate.RetDevicePath, &Fil=
eHandle, &ParentName, &DeviceHandle);
+  if (EFI_ERROR (LibGetFileHandleFromDevicePath (gFileExplorerPrivate.RetD=
evicePath, &FileHandle, &ParentName, &DeviceHandle))) {
+    return EFI_DEVICE_ERROR;
+  }
+
   FullFileName =3D LibAppendFileName (ParentName, FileName);
   if (FullFileName =3D=3D NULL) {
     return EFI_OUT_OF_RESOURCES;
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c b/MdeModulePkg/Univer=
sal/BdsDxe/BdsEntry.c
index 766dde3aaeeb..72de8d3211b7 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
+++ b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
@@ -691,6 +691,7 @@ BdsEntry (
   EFI_DEVICE_PATH_PROTOCOL        *FilePath;
   EFI_STATUS                      BootManagerMenuStatus;
   EFI_BOOT_MANAGER_LOAD_OPTION    PlatformDefaultBootOption;
+  BOOLEAN                         PlatformDefaultBootOptionValid;
=20
   HotkeyTriggered =3D NULL;
   Status          =3D EFI_SUCCESS;
@@ -809,24 +810,24 @@ BdsEntry (
     CpuDeadLoop ();
   }
=20
-  Status =3D EfiBootManagerInitializeLoadOption (
-             &PlatformDefaultBootOption,
-             LoadOptionNumberUnassigned,
-             LoadOptionTypePlatformRecovery,
-             LOAD_OPTION_ACTIVE,
-             L"Default PlatformRecovery",
-             FilePath,
-             NULL,
-             0
-             );
-  ASSERT_EFI_ERROR (Status);
+  PlatformDefaultBootOptionValid =3D EfiBootManagerInitializeLoadOption (
+                                     &PlatformDefaultBootOption,
+                                     LoadOptionNumberUnassigned,
+                                     LoadOptionTypePlatformRecovery,
+                                     LOAD_OPTION_ACTIVE,
+                                     L"Default PlatformRecovery",
+                                     FilePath,
+                                     NULL,
+                                     0
+                                     ) =3D=3D EFI_SUCCESS;
+  ASSERT (PlatformDefaultBootOptionValid =3D=3D TRUE);
=20
   //
   // System firmware must include a PlatformRecovery#### variable specifyi=
ng
   // a short-form File Path Media Device Path containing the platform defa=
ult
   // file path for removable media if the platform supports Platform Recov=
ery.
   //
-  if (PcdGetBool (PcdPlatformRecoverySupport)) {
+  if (PlatformDefaultBootOptionValid && PcdGetBool (PcdPlatformRecoverySup=
port)) {
     LoadOptions =3D EfiBootManagerGetLoadOptions (&LoadOptionCount, LoadOp=
tionTypePlatformRecovery);
     if (EfiBootManagerFindLoadOption (&PlatformDefaultBootOption, LoadOpti=
ons, LoadOptionCount) =3D=3D -1) {
       for (Index =3D 0; Index < LoadOptionCount; Index++) {
@@ -1104,15 +1105,17 @@ BdsEntry (
       LoadOptions =3D EfiBootManagerGetLoadOptions (&LoadOptionCount, Load=
OptionTypePlatformRecovery);
       ProcessLoadOptions (LoadOptions, LoadOptionCount);
       EfiBootManagerFreeLoadOptions (LoadOptions, LoadOptionCount);
-    } else {
+    } else if (PlatformDefaultBootOptionValid) {
       //
       // When platform recovery is not enabled, still boot to platform def=
ault file path.
       //
-      EfiBootManagerProcessLoadOption (&PlatformDefaultBootOption);
+      PlatformDefaultBootOptionValid =3D EfiBootManagerProcessLoadOption (=
&PlatformDefaultBootOption) =3D=3D EFI_SUCCESS;
     }
   }
=20
-  EfiBootManagerFreeLoadOption (&PlatformDefaultBootOption);
+  if (PlatformDefaultBootOptionValid) {
+    EfiBootManagerFreeLoadOption (&PlatformDefaultBootOption);
+  }
=20
   DEBUG ((DEBUG_ERROR, "[Bds] Unable to boot!\n"));
   PlatformBootManagerUnableToBoot ();
diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c b/Mde=
ModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c
index dca3c1df07ba..0d4cfa4cf06f 100644
--- a/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c
+++ b/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c
@@ -944,13 +944,14 @@ PrintMismatchMenuInfo (
   UINTN                          FormsetBufferSize;
=20
   Question =3D MenuOption->ThisTag;
-  HiiGetFormSetFromHiiHandle (gFormData->HiiHandle, &FormsetBuffer, &Forms=
etBufferSize);
=20
-  FormSetTitleStr =3D GetToken (FormsetBuffer->FormSetTitle, gFormData->Hi=
iHandle);
-  FormTitleStr    =3D GetToken (gFormData->FormTitle, gFormData->HiiHandle=
);
+  if (!EFI_ERROR (HiiGetFormSetFromHiiHandle (gFormData->HiiHandle, &Forms=
etBuffer, &FormsetBufferSize))) {
+    FormSetTitleStr =3D GetToken (FormsetBuffer->FormSetTitle, gFormData->=
HiiHandle);
+    FormTitleStr    =3D GetToken (gFormData->FormTitle, gFormData->HiiHand=
le);
=20
-  DEBUG ((DEBUG_ERROR, "\n[%a]: Mismatch Formset    : Formset Guid =3D %g,=
  FormSet title =3D %s\n", gEfiCallerBaseName, &gFormData->FormSetGuid, For=
mSetTitleStr));
-  DEBUG ((DEBUG_ERROR, "[%a]: Mismatch Form       : FormId =3D %d,  Form t=
itle =3D %s.\n", gEfiCallerBaseName, gFormData->FormId, FormTitleStr));
+    DEBUG ((DEBUG_ERROR, "\n[%a]: Mismatch Formset    : Formset Guid =3D %=
g,  FormSet title =3D %s\n", gEfiCallerBaseName, &gFormData->FormSetGuid, F=
ormSetTitleStr));
+    DEBUG ((DEBUG_ERROR, "[%a]: Mismatch Form       : FormId =3D %d,  Form=
 title =3D %s.\n", gEfiCallerBaseName, gFormData->FormId, FormTitleStr));
+  }
=20
   if (Question->OpCode->OpCode =3D=3D EFI_IFR_ORDERED_LIST_OP) {
     QuestionName =3D GetToken (((EFI_IFR_ORDERED_LIST *)MenuOption->ThisTa=
g->OpCode)->Question.Header.Prompt, gFormData->HiiHandle);
diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c b/MdeModulePkg/Un=
iversal/HiiDatabaseDxe/Font.c
index 399f90feb783..8a0b12f72fbe 100644
--- a/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c
+++ b/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c
@@ -1745,6 +1745,7 @@ HiiStringToImage (
   Attributes =3D (UINT8 *)AllocateZeroPool (StrLength * sizeof (UINT8));
   ASSERT (Attributes !=3D NULL);
=20
+  FontInfo      =3D NULL;
   RowInfo       =3D NULL;
   Status        =3D EFI_SUCCESS;
   StringIn2     =3D NULL;
@@ -1787,11 +1788,14 @@ HiiStringToImage (
       Background  =3D ((EFI_FONT_DISPLAY_INFO *)StringInfo)->BackgroundCol=
or;
     } else if (Status =3D=3D EFI_SUCCESS) {
       FontInfo =3D &StringInfoOut->FontInfo;
-      IsFontInfoExisted (Private, FontInfo, NULL, NULL, &GlobalFont);
-      Height     =3D GlobalFont->FontPackage->Height;
-      BaseLine   =3D GlobalFont->FontPackage->BaseLine;
-      Foreground =3D StringInfoOut->ForegroundColor;
-      Background =3D StringInfoOut->BackgroundColor;
+      if (IsFontInfoExisted (Private, FontInfo, NULL, NULL, &GlobalFont)) {
+        Height     =3D GlobalFont->FontPackage->Height;
+        BaseLine   =3D GlobalFont->FontPackage->BaseLine;
+        Foreground =3D StringInfoOut->ForegroundColor;
+        Background =3D StringInfoOut->BackgroundColor;
+      } else {
+        goto Exit;
+      }
     } else {
       goto Exit;
     }
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeMod=
ulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 14c176887a55..3eb7d935b4d2 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -2453,7 +2453,7 @@ VariableServiceGetVariable (
   AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.Variab=
leServicesLock);
=20
   Status =3D FindVariable (VariableName, VendorGuid, &Variable, &mVariable=
ModuleGlobal->VariableGlobal, FALSE);
-  if ((Variable.CurrPtr =3D=3D NULL) || EFI_ERROR (Status)) {
+  if (EFI_ERROR (Status) || (Variable.CurrPtr =3D=3D NULL)) {
     goto Done;
   }
=20
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101849): https://edk2.groups.io/g/devel/message/101849
Mute This Topic: https://groups.io/mt/97834579/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101850+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101850+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697072; cv=none;
	d=zohomail.com; s=zohoarc;
	b=CBliPXB9FBF6Zs7AMhFo34RIlCItVcvaMN4IeZbGGy0u2gAgwcJCtV7v8Imd9+ZpXjhM9br9nuZ0sD0UiBkpssrYTnXrjIcx130oTFEMem91U5zgDOOUNoLWOX5B/djFI5FtFZ46BbPO0InP9r+V5u4J6Rrx2zg35I8NM35PhHU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697072;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=GLL+DcVec7JiK8A9fNXrqTzfqqjMMLkRsVpM8fGtWhE=;
	b=gmJxxk9vByUB3+0LGjGPfCiZsZgxoAFdsiP9OIy4UJ6lhGczLvc9ThdKpAWvLiMySirb9siyqI84xqMPxSCWSSmeyKG+AXp5pv7XJZYjn+UAncxGCU6TIzx9kncbROKbhveWeS7bvlfsJhiIrE0l5IBmHmX4KgW47944KDrdUaU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101850+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697072237958.3096239518667;
 Fri, 24 Mar 2023 15:31:12 -0700 (PDT)
Return-Path: <bounce+27952+101850+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id Rk3TYY1788612xkB1lLK24yj;
 Fri, 24 Mar 2023 15:31:11 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10574.1679697071185395280
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:11 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 1B8CB20FC4D5;
	Fri, 24 Mar 2023 15:31:10 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 1B8CB20FC4D5
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Zhiguang Liu <zhiguang.liu@intel.com>
Subject: [edk2-devel] [PATCH v7 06/12] MdePkg: Fix conditionally uninitialized
 variables
Date: Fri, 24 Mar 2023 18:30:28 -0400
Message-Id: <20230324223034.1560-7-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: HonUxMu3AFC47peYcJmqH6Tbx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697071;
 bh=nfE1HilMw5dDFLB1nBysB7lxRCqklXWF0PRrj7Y8ob8=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=UtqNOz3S7q+tcW/WLCQDgelJFzMXl3wQ877FXT7WometaicgrknQ7YR0B965RaBxsij
 PRUZOvRomXIGeyW4lZtZeGDJIcpxtHtjbDe+cNN7v06sOJq514XU36BipIguh3KavH5sD
 sMCV6QxP0WA31zJFDdBkpoAabMgvNLnK1jQ=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697073551100010
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Note that this change affects the actual return value from the
following functions. The functions documented that if an integer
overflow occurred, MAX_UINTN would be returned. They were
implemented to actually return an undefined value from the stack.

This change makes the function follow its description. However, this
is technically different than what callers may have previously
expected.

MdePkg/Library/BaseLib/String.c:
  - StrDecimalToUintn()
  - StrDecimalToUint64()
  - StrHexToUintn()
  - StrHexToUint64()
  - AsciiStrDecimalToUintn()
  - AsciiStrDecimalToUint64()
  - AsciiStrHexToUintn()
  - AsciiStrHexToUint64()

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 MdePkg/Library/BaseLib/String.c | 40 ++++++++++++++++----
 1 file changed, 32 insertions(+), 8 deletions(-)

diff --git a/MdePkg/Library/BaseLib/String.c b/MdePkg/Library/BaseLib/Strin=
g.c
index 98e6d31463e0..637c96e7b31b 100644
--- a/MdePkg/Library/BaseLib/String.c
+++ b/MdePkg/Library/BaseLib/String.c
@@ -408,7 +408,10 @@ StrDecimalToUintn (
 {
   UINTN  Result;
=20
-  StrDecimalToUintnS (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrDecimalToUintnS (String, (CHAR16 **)NULL, &Result))=
) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -454,7 +457,10 @@ StrDecimalToUint64 (
 {
   UINT64  Result;
=20
-  StrDecimalToUint64S (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrDecimalToUint64S (String, (CHAR16 **)NULL, &Result)=
)) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -501,7 +507,10 @@ StrHexToUintn (
 {
   UINTN  Result;
=20
-  StrHexToUintnS (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrHexToUintnS (String, (CHAR16 **)NULL, &Result))) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -548,7 +557,10 @@ StrHexToUint64 (
 {
   UINT64  Result;
=20
-  StrHexToUint64S (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrHexToUint64S (String, (CHAR16 **)NULL, &Result))) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -989,7 +1001,10 @@ AsciiStrDecimalToUintn (
 {
   UINTN  Result;
=20
-  AsciiStrDecimalToUintnS (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrDecimalToUintnS (String, (CHAR8 **)NULL, &Resu=
lt))) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -1031,7 +1046,10 @@ AsciiStrDecimalToUint64 (
 {
   UINT64  Result;
=20
-  AsciiStrDecimalToUint64S (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrDecimalToUint64S (String, (CHAR8 **)NULL, &Res=
ult))) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -1077,7 +1095,10 @@ AsciiStrHexToUintn (
 {
   UINTN  Result;
=20
-  AsciiStrHexToUintnS (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrHexToUintnS (String, (CHAR8 **)NULL, &Result))=
) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -1123,7 +1144,10 @@ AsciiStrHexToUint64 (
 {
   UINT64  Result;
=20
-  AsciiStrHexToUint64S (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrHexToUint64S (String, (CHAR8 **)NULL, &Result)=
)) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101850): https://edk2.groups.io/g/devel/message/101850
Mute This Topic: https://groups.io/mt/97834580/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101851+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101851+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697074; cv=none;
	d=zohomail.com; s=zohoarc;
	b=IijMgH8kmM1/0j/2Jda0OED3bQtObpQk9fN7FjwGozpD6TybkvUXfw0IPGQlWWWNs8+xMd/vo7J/NMUk+FHxCaiVh00Bi+6UJJb4+YGYt9wB6A0E0b7sJ3fvk/YG4BgykOYjP3hvqlMfkFiZ5X2DsTCTAdRgsVXV4QP7FIcyS4M=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697074;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=bgKSEbN2Keng+eHJ1XaaabtZ9P74cNciS+0bQBrk3fI=;
	b=Xdd2M6FpGyrVhAMrkzlsCmDUECng9igspYEa+m1iz1tiq2nj2s2SZTBzVFU6gqYz4ACNvYMDiy6rvHFV/m6kcvnm2I6UO6l14PiFoUaaCwyMsAgAB4m4P6L+cLNnPKpLy2wD+Vg0nIbOA3aRJGTdxqq9r2BdVmijc26cTfoXRUY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101851+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697074729847.4694013299987;
 Fri, 24 Mar 2023 15:31:14 -0700 (PDT)
Return-Path: <bounce+27952+101851+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 9BHiYY1788612xniuiB8Zai9;
 Fri, 24 Mar 2023 15:31:14 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.10541.1679697073845069377
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:13 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id AF00120FC4D8;
	Fri, 24 Mar 2023 15:31:12 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com AF00120FC4D8
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Jiaxin Wu <jiaxin.wu@intel.com>,
	Maciej Rabeda <maciej.rabeda@linux.intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Siyuan Fu <siyuan.fu@intel.com>
Subject: [edk2-devel] [PATCH v7 07/12] NetworkPkg: Fix conditionally
 uninitialized variables
Date: Fri, 24 Mar 2023 18:30:29 -0400
Message-Id: <20230324223034.1560-8-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: bSI2Tj6ksVEF0Q65EBPbcZLgx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697074;
 bh=ie8/wkeiZgdRYsWqRZhmiioWZnweBOgGdYdMmc3cdZI=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=I7i6WVP+07NXx7C+wRQ2y/fjVDTiJCqP6eVSITpvIAC+5xmy6H8Dw5p8Lfy3bPtFexx
 +AvS92EAF5giBedCs2cTV/xwS5HN8FfGakW3YSJXVrwArDz/vkGwHDUpoyaP7XyTrP5WF
 4+y5BSmblSThNC/gPm7MQIZaTjR0fJxJCFw=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697075533100014
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c | 2 +-
 NetworkPkg/TcpDxe/TcpInput.c               | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c b/NetworkPkg/Librar=
y/DxeHttpLib/DxeHttpLib.c
index 6a5d78629bb3..21813463aa4f 100644
--- a/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c
+++ b/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c
@@ -753,7 +753,7 @@ HttpUrlGetPort (
=20
   Status =3D  AsciiStrDecimalToUintnS (Url + Parser->FieldData[HTTP_URI_FI=
ELD_PORT].Offset, (CHAR8 **)NULL, &Data);
=20
-  if (Data > HTTP_URI_PORT_MAX_NUM) {
+  if (EFI_ERROR (Status) || (Data > HTTP_URI_PORT_MAX_NUM)) {
     Status =3D EFI_INVALID_PARAMETER;
     goto ON_EXIT;
   }
diff --git a/NetworkPkg/TcpDxe/TcpInput.c b/NetworkPkg/TcpDxe/TcpInput.c
index fb1aa827f8ba..7b329be64dfe 100644
--- a/NetworkPkg/TcpDxe/TcpInput.c
+++ b/NetworkPkg/TcpDxe/TcpInput.c
@@ -1570,6 +1570,9 @@ TcpIcmpInput (
   BOOLEAN     IcmpErrIsHard;
   BOOLEAN     IcmpErrNotify;
=20
+  IcmpErrIsHard =3D FALSE;
+  IcmpErrNotify =3D FALSE;
+
   if (Nbuf->TotalSize < sizeof (TCP_HEAD)) {
     goto CLEAN_EXIT;
   }
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101851): https://edk2.groups.io/g/devel/message/101851
Mute This Topic: https://groups.io/mt/97834582/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101852+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101852+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697077; cv=none;
	d=zohomail.com; s=zohoarc;
	b=eKTVXN/rS72Wgkz2Cph898HumI+kAhQRF0lpff20sLsD2SjnvfAThmaOp6Mpj6hZddNvfhLAJaqqwWH+b0jGKzWSoaFv0E4Ica3+ns/1RYgVllCJxzu4OIRH2PmC1ibCRx7gy2aaPJsi2AtnJWQZLxQ+D1aX4XEsKjE+5Ey2XJM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697077;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=IPjeiK6Th8+EL/XRiJ39f3oH2BvuAf5SfMV4dDoxbgE=;
	b=dFt+YdQ7Vc8ZMQWPhA6j05cavJ//zG/WyHWYanM4oiokG3CYZoMoJoDAvj6nhgV6nPvGFyEZ0fMnVmOGcvxYniCUofw/3tZkn+blA5XAMvS8bsqSws7Wb7gBQI2uOEiBg6mOyf8HwMoA/trE/NJcKnXYjSfZZ8KC99d3dlhHhf8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101852+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697077124296.62168859914016;
 Fri, 24 Mar 2023 15:31:17 -0700 (PDT)
Return-Path: <bounce+27952+101852+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id Eb4hYY1788612xR2z4FY03WS;
 Fri, 24 Mar 2023 15:31:16 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10576.1679697076336675451
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:16 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 5734E20FC4E1;
	Fri, 24 Mar 2023 15:31:15 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 5734E20FC4E1
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Ray Ni <ray.ni@intel.com>
Subject: [edk2-devel] [PATCH v7 08/12] PcAtChipsetPkg: Fix conditionally
 uninitialized variables
Date: Fri, 24 Mar 2023 18:30:30 -0400
Message-Id: <20230324223034.1560-9-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: EAvTYwvAFbi7yUM4qdaho4bfx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697076;
 bh=LmbR3O/lK8gKvlwybBI4HOItgjB3/IMAgGX4jAIG4Rk=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=Oad4Rxnsz2Jv2p66aS/C9/4wzejzFE94WrW+yTlJEaR9nh89HctYzRoWZzbDDQoBJkC
 YsLAoCb5pbCeJLD2o7JPl5Zi7LJWEkoZczw1hstzK/UA+1dcwIbjK1QNl7oz6fID2A17L
 838Ms59cNgr3oC8poMf7l6K9oRUV2i/wv/I=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697077552100017
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Ray Ni <ray.ni@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c b/PcAtChips=
etPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
index 9242a2e82600..57ea3153aa6b 100644
--- a/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
+++ b/PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcRtc.c
@@ -344,7 +344,7 @@ PcRtcInit (
   // so we can use them to get and set wakeup time.
   //
   Status =3D PcRtcGetWakeupTime (&Enabled, &Pending, &Time, Global);
-  if ((Enabled) || (!EFI_ERROR (Status))) {
+  if ((!EFI_ERROR (Status)) || (Enabled)) {
     return EFI_SUCCESS;
   }
=20
@@ -836,8 +836,11 @@ PcRtcSetWakeupTime (
     //
     // Just support set alarm time within 24 hours
     //
-    PcRtcGetTime (&RtcTime, &Capabilities, Global);
-    Status =3D RtcTimeFieldsValid (&RtcTime);
+    Status =3D PcRtcGetTime (&RtcTime, &Capabilities, Global);
+    if (!EFI_ERROR (Status)) {
+      Status =3D RtcTimeFieldsValid (&RtcTime);
+    }
+
     if (EFI_ERROR (Status)) {
       return EFI_DEVICE_ERROR;
     }
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101852): https://edk2.groups.io/g/devel/message/101852
Mute This Topic: https://groups.io/mt/97834586/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101853+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101853+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697079; cv=none;
	d=zohomail.com; s=zohoarc;
	b=JfclLSJcFdNJzgYb7PdSWqRbc5FmUc+Da17Q5tISuHcBMmPza8KBkp3A/g9kD0wWto66i4iz4LeBrNuYmVO7x8VEVU6tnS+MOi8DsmfEvb7n7WouwOoGuKEID5gsWO4Ehoxp/YDvJ5IWPRAttgXQELXat/MwQmP2oUa1NPiK4SU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697079;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=yvOKzjt5WuRGdmKVtSfjfQDOmaVkGPHL3ru2rWXMiXU=;
	b=jlEXLWhoYhdNPC6llS+F23aW1/aL8K/0kSx0hZMax/Gw7VSchSlH6EpiN53IiSGMCqKVfdqckxDa3cu5H3b6AOq4Tl+drs3na3eV2K5OzlqwW0Thg2ZmEcx96rApg+cMRm3kck48Tj1tinw8JUl6maXVgMkpUb2HlySTSYikXZE=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101853+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697079929514.0319525366228;
 Fri, 24 Mar 2023 15:31:19 -0700 (PDT)
Return-Path: <bounce+27952+101853+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id qyS1YY1788612xKXcEvTfGQ1;
 Fri, 24 Mar 2023 15:31:19 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10578.1679697079035228437
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:19 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id E95C720FC4DD;
	Fri, 24 Mar 2023 15:31:17 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com E95C720FC4DD
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Ray Ni <ray.ni@intel.com>,
	Zhichao Gao <zhichao.gao@intel.com>
Subject: [edk2-devel] [PATCH v7 09/12] ShellPkg: Fix conditionally
 uninitialized variables
Date: Fri, 24 Mar 2023 18:30:31 -0400
Message-Id: <20230324223034.1560-10-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: 6ZNFNO8DwwPaw4tPaaN1mixGx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697079;
 bh=EyvWOcGesQUw+LEYOeAgtBkz2GoYyG+Bo3BUa9aCb/4=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=FI+b78gjRIthqg2UKYYfUu0mqGV4GFd2JAgCdbaSVmVkD3fsxIThHDJtJ1GnndAxcIo
 HVWiAFyyP8NMOa+Hy1djwxtNSYFBRIvB8ibpFyEoQvKadIVqxpVs8X7MTI0Dq2sv1sZrk
 40M9PmkLSJTGOvr9juLpZbcGEV+1TqOtaXc=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697081677100002
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Zhichao Gao <zhichao.gao@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 ShellPkg/Application/Shell/Shell.c                          |  1 +
 ShellPkg/Application/Shell/ShellProtocol.c                  | 60 +++++++++=
+----------
 ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c  | 56 +++++++++=
---------
 ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c          | 18 +++---
 ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c |  9 ++-
 ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c      | 14 +++--
 ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c   | 17 ++++--
 ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c      | 21 +++----
 8 files changed, 107 insertions(+), 89 deletions(-)

diff --git a/ShellPkg/Application/Shell/Shell.c b/ShellPkg/Application/Shel=
l/Shell.c
index 0ae6e14a34bf..f95c799bb2a4 100644
--- a/ShellPkg/Application/Shell/Shell.c
+++ b/ShellPkg/Application/Shell/Shell.c
@@ -1300,6 +1300,7 @@ DoStartupScript (
   CHAR16         *FullFileStringPath;
   UINTN          NewSize;
=20
+  CalleeStatus    =3D EFI_SUCCESS;
   Key.UnicodeChar =3D CHAR_NULL;
   Key.ScanCode    =3D 0;
=20
diff --git a/ShellPkg/Application/Shell/ShellProtocol.c b/ShellPkg/Applicat=
ion/Shell/ShellProtocol.c
index e6d20ab16479..da8c31cb038a 100644
--- a/ShellPkg/Application/Shell/ShellProtocol.c
+++ b/ShellPkg/Application/Shell/ShellProtocol.c
@@ -735,50 +735,52 @@ EfiShellGetDeviceName (
     //
     // Now check the parent controller using this as the child.
     //
-    if (DeviceNameToReturn =3D=3D NULL) {
-      PARSE_HANDLE_DATABASE_PARENTS (DeviceHandle, &ParentControllerCount,=
 &ParentControllerBuffer);
+    Status =3D PARSE_HANDLE_DATABASE_PARENTS (DeviceHandle, &ParentControl=
lerCount, &ParentControllerBuffer);
+    if ((DeviceNameToReturn =3D=3D NULL) && !EFI_ERROR (Status)) {
       for (LoopVar =3D 0; LoopVar < ParentControllerCount; LoopVar++) {
-        PARSE_HANDLE_DATABASE_UEFI_DRIVERS (ParentControllerBuffer[LoopVar=
], &ParentDriverCount, &ParentDriverBuffer);
-        for (HandleCount =3D 0; HandleCount < ParentDriverCount; HandleCou=
nt++) {
-          //
-          // try using that driver's component name with controller and ou=
r driver as the child.
-          //
-          Status =3D gBS->OpenProtocol (
-                          ParentDriverBuffer[HandleCount],
-                          &gEfiComponentName2ProtocolGuid,
-                          (VOID **)&CompName2,
-                          gImageHandle,
-                          NULL,
-                          EFI_OPEN_PROTOCOL_GET_PROTOCOL
-                          );
-          if (EFI_ERROR (Status)) {
+        Status =3D PARSE_HANDLE_DATABASE_UEFI_DRIVERS (ParentControllerBuf=
fer[LoopVar], &ParentDriverCount, &ParentDriverBuffer);
+        if (!EFI_ERROR (Status)) {
+          for (HandleCount =3D 0; HandleCount < ParentDriverCount; HandleC=
ount++) {
+            //
+            // try using that driver's component name with controller and =
our driver as the child.
+            //
             Status =3D gBS->OpenProtocol (
                             ParentDriverBuffer[HandleCount],
-                            &gEfiComponentNameProtocolGuid,
+                            &gEfiComponentName2ProtocolGuid,
                             (VOID **)&CompName2,
                             gImageHandle,
                             NULL,
                             EFI_OPEN_PROTOCOL_GET_PROTOCOL
                             );
-          }
+            if (EFI_ERROR (Status)) {
+              Status =3D gBS->OpenProtocol (
+                              ParentDriverBuffer[HandleCount],
+                              &gEfiComponentNameProtocolGuid,
+                              (VOID **)&CompName2,
+                              gImageHandle,
+                              NULL,
+                              EFI_OPEN_PROTOCOL_GET_PROTOCOL
+                              );
+            }
+
+            if (EFI_ERROR (Status)) {
+              continue;
+            }
=20
-          if (EFI_ERROR (Status)) {
-            continue;
+            Lang   =3D GetBestLanguageForDriver (CompName2->SupportedLangu=
ages, Language, FALSE);
+            Status =3D CompName2->GetControllerName (CompName2, ParentCont=
rollerBuffer[LoopVar], DeviceHandle, Lang, &DeviceNameToReturn);
+            FreePool (Lang);
+            Lang =3D NULL;
+            if (!EFI_ERROR (Status) && (DeviceNameToReturn !=3D NULL)) {
+              break;
+            }
           }
=20
-          Lang   =3D GetBestLanguageForDriver (CompName2->SupportedLanguag=
es, Language, FALSE);
-          Status =3D CompName2->GetControllerName (CompName2, ParentContro=
llerBuffer[LoopVar], DeviceHandle, Lang, &DeviceNameToReturn);
-          FreePool (Lang);
-          Lang =3D NULL;
+          SHELL_FREE_NON_NULL (ParentDriverBuffer);
           if (!EFI_ERROR (Status) && (DeviceNameToReturn !=3D NULL)) {
             break;
           }
         }
-
-        SHELL_FREE_NON_NULL (ParentDriverBuffer);
-        if (!EFI_ERROR (Status) && (DeviceNameToReturn !=3D NULL)) {
-          break;
-        }
       }
=20
       SHELL_FREE_NON_NULL (ParentControllerBuffer);
diff --git a/ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c b/S=
hellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c
index 36cf46fb2c38..4549cbde9b9a 100644
--- a/ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c
+++ b/ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c
@@ -1399,10 +1399,11 @@ ShellCommandCreateInitialMappingsAndPaths (
   CHAR16                    *MapName;
   SHELL_MAP_LIST            *MapListItem;
=20
-  SplitCurDir =3D NULL;
-  MapName     =3D NULL;
-  MapListItem =3D NULL;
-  HandleList  =3D NULL;
+  ConsistMappingTable =3D NULL;
+  SplitCurDir         =3D NULL;
+  MapName             =3D NULL;
+  MapListItem         =3D NULL;
+  HandleList          =3D NULL;
=20
   //
   // Reset the static members back to zero
@@ -1458,32 +1459,35 @@ ShellCommandCreateInitialMappingsAndPaths (
     //
     PerformQuickSort (DevicePathList, Count, sizeof (EFI_DEVICE_PATH_PROTO=
COL *), DevicePathCompare);
=20
-    ShellCommandConsistMappingInitialize (&ConsistMappingTable);
-    //
-    // Assign new Mappings to all...
-    //
-    for (Count =3D 0; HandleList[Count] !=3D NULL; Count++) {
+    if (!EFI_ERROR (ShellCommandConsistMappingInitialize (&ConsistMappingT=
able))) {
       //
-      // Get default name first
+      // Assign new Mappings to all...
       //
-      NewDefaultName =3D ShellCommandCreateNewMappingName (MappingTypeFile=
System);
-      ASSERT (NewDefaultName !=3D NULL);
-      Status =3D ShellCommandAddMapItemAndUpdatePath (NewDefaultName, Devi=
cePathList[Count], 0, TRUE);
-      ASSERT_EFI_ERROR (Status);
-      FreePool (NewDefaultName);
-
-      //
-      // Now do consistent name
-      //
-      NewConsistName =3D ShellCommandConsistMappingGenMappingName (DeviceP=
athList[Count], ConsistMappingTable);
-      if (NewConsistName !=3D NULL) {
-        Status =3D ShellCommandAddMapItemAndUpdatePath (NewConsistName, De=
vicePathList[Count], 0, FALSE);
+      for (Count =3D 0; HandleList[Count] !=3D NULL; Count++) {
+        //
+        // Get default name first
+        //
+        NewDefaultName =3D ShellCommandCreateNewMappingName (MappingTypeFi=
leSystem);
+        ASSERT (NewDefaultName !=3D NULL);
+        Status =3D ShellCommandAddMapItemAndUpdatePath (NewDefaultName, De=
vicePathList[Count], 0, TRUE);
         ASSERT_EFI_ERROR (Status);
-        FreePool (NewConsistName);
+        FreePool (NewDefaultName);
+
+        //
+        // Now do consistent name
+        //
+        NewConsistName =3D ShellCommandConsistMappingGenMappingName (Devic=
ePathList[Count], ConsistMappingTable);
+        if (NewConsistName !=3D NULL) {
+          Status =3D ShellCommandAddMapItemAndUpdatePath (NewConsistName, =
DevicePathList[Count], 0, FALSE);
+          ASSERT_EFI_ERROR (Status);
+          FreePool (NewConsistName);
+        }
       }
     }
=20
-    ShellCommandConsistMappingUnInitialize (ConsistMappingTable);
+    if (ConsistMappingTable !=3D NULL) {
+      ShellCommandConsistMappingUnInitialize (ConsistMappingTable);
+    }
=20
     SHELL_FREE_NON_NULL (HandleList);
     SHELL_FREE_NON_NULL (DevicePathList);
@@ -1626,12 +1630,12 @@ ShellCommandUpdateMapping (
     //
     PerformQuickSort (DevicePathList, Count, sizeof (EFI_DEVICE_PATH_PROTO=
COL *), DevicePathCompare);
=20
-    ShellCommandConsistMappingInitialize (&ConsistMappingTable);
+    Status =3D ShellCommandConsistMappingInitialize (&ConsistMappingTable);
=20
     //
     // Assign new Mappings to remainders
     //
-    for (Count =3D 0; !EFI_ERROR (Status) && HandleList[Count] !=3D NULL &=
& !EFI_ERROR (Status); Count++) {
+    for (Count =3D 0; !EFI_ERROR (Status) && HandleList[Count] !=3D NULL; =
Count++) {
       //
       // Skip ones that already have
       //
diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c b/ShellPkg/=
Library/UefiShellDebug1CommandsLib/Dblk.c
index 97a4b57a932f..5329b559ba46 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c
@@ -158,7 +158,10 @@ ShellCommandRunDblk (
           ShellStatus =3D SHELL_INVALID_PARAMETER;
         }
=20
-        ShellConvertStringToUint64 (LbaString, &Lba, TRUE, FALSE);
+        if (EFI_ERROR (ShellConvertStringToUint64 (LbaString, &Lba, TRUE, =
FALSE))) {
+          ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV),=
 gShellDebug1HiiHandle, L"dblk", LbaString);
+          ShellStatus =3D SHELL_INVALID_PARAMETER;
+        }
       }
=20
       if (BlockCountString =3D=3D NULL) {
@@ -169,12 +172,13 @@ ShellCommandRunDblk (
           ShellStatus =3D SHELL_INVALID_PARAMETER;
         }
=20
-        ShellConvertStringToUint64 (BlockCountString, &BlockCount, TRUE, F=
ALSE);
-        if (BlockCount > 0x10) {
-          BlockCount =3D 0x10;
-        } else if (BlockCount =3D=3D 0) {
-          ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV),=
 gShellDebug1HiiHandle, L"dblk", BlockCountString);
-          ShellStatus =3D SHELL_INVALID_PARAMETER;
+        if (!EFI_ERROR (ShellConvertStringToUint64 (BlockCountString, &Blo=
ckCount, TRUE, FALSE))) {
+          if (BlockCount > 0x10) {
+            BlockCount =3D 0x10;
+          } else if (BlockCount =3D=3D 0) {
+            ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_PARAM_INV=
), gShellDebug1HiiHandle, L"dblk", BlockCountString);
+            ShellStatus =3D SHELL_INVALID_PARAMETER;
+          }
         }
       }
=20
diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c b/=
ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c
index 8bf23a2076a1..72f8c087cb69 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/EfiDecompress.c
@@ -112,10 +112,13 @@ ShellCommandRunEfiDecompress (
=20
         if (ShellStatus =3D=3D SHELL_SUCCESS) {
           Status =3D FileHandleGetSize (InFileHandle, &Temp64Bit);
-          ASSERT (Temp64Bit <=3D (UINT32)(-1));
-          InSize =3D (UINTN)Temp64Bit;
           ASSERT_EFI_ERROR (Status);
-          InBuffer =3D AllocateZeroPool (InSize);
+          if (!EFI_ERROR (Status)) {
+            ASSERT (Temp64Bit <=3D (UINT32)(-1));
+            InSize   =3D (UINTN)Temp64Bit;
+            InBuffer =3D AllocateZeroPool (InSize);
+          }
+
           if (InBuffer =3D=3D NULL) {
             Status =3D EFI_OUT_OF_RESOURCES;
           } else {
diff --git a/ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c b/Shell=
Pkg/Library/UefiShellDriver1CommandsLib/Connect.c
index d7a133c0c5b4..870c5b0d1da7 100644
--- a/ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c
+++ b/ShellPkg/Library/UefiShellDriver1CommandsLib/Connect.c
@@ -508,9 +508,10 @@ ShellCommandRunConnect (
       Count  =3D ShellCommandLineGetCount (Package);
=20
       if (Param1 !=3D NULL) {
-        Status  =3D ShellConvertStringToUint64 (Param1, &Intermediate, TRU=
E, FALSE);
-        Handle1 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
-        if (EFI_ERROR (Status)) {
+        Status =3D ShellConvertStringToUint64 (Param1, &Intermediate, TRUE=
, FALSE);
+        if (!EFI_ERROR (Status)) {
+          Handle1 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+        } else {
           ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_INV_HANDLE)=
, gShellDriver1HiiHandle, L"connect", Param1);
           ShellStatus =3D SHELL_INVALID_PARAMETER;
         }
@@ -519,9 +520,10 @@ ShellCommandRunConnect (
       }
=20
       if (Param2 !=3D NULL) {
-        Status  =3D ShellConvertStringToUint64 (Param2, &Intermediate, TRU=
E, FALSE);
-        Handle2 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
-        if (EFI_ERROR (Status)) {
+        Status =3D ShellConvertStringToUint64 (Param2, &Intermediate, TRUE=
, FALSE);
+        if (!EFI_ERROR (Status)) {
+          Handle2 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+        } else {
           ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_INV_HANDLE)=
, gShellDriver1HiiHandle, L"connect", Param2);
           ShellStatus =3D SHELL_INVALID_PARAMETER;
         }
diff --git a/ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c b/Sh=
ellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c
index 009ae5282b27..fd49d1f7ceb4 100644
--- a/ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c
+++ b/ShellPkg/Library/UefiShellDriver1CommandsLib/Disconnect.c
@@ -160,12 +160,17 @@ ShellCommandRunDisconnect (
         Param1 =3D ShellCommandLineGetRawValue (Package, 1);
         Param2 =3D ShellCommandLineGetRawValue (Package, 2);
         Param3 =3D ShellCommandLineGetRawValue (Package, 3);
-        ShellConvertStringToUint64 (Param1, &Intermediate1, TRUE, FALSE);
-        Handle1 =3D Param1 !=3D NULL ? ConvertHandleIndexToHandle ((UINTN)=
Intermediate1) : NULL;
-        ShellConvertStringToUint64 (Param2, &Intermediate2, TRUE, FALSE);
-        Handle2 =3D Param2 !=3D NULL ? ConvertHandleIndexToHandle ((UINTN)=
Intermediate2) : NULL;
-        ShellConvertStringToUint64 (Param3, &Intermediate3, TRUE, FALSE);
-        Handle3 =3D Param3 !=3D NULL ? ConvertHandleIndexToHandle ((UINTN)=
Intermediate3) : NULL;
+        if (!EFI_ERROR (ShellConvertStringToUint64 (Param1, &Intermediate1=
, TRUE, FALSE))) {
+          Handle1 =3D Param1 !=3D NULL ? ConvertHandleIndexToHandle ((UINT=
N)Intermediate1) : NULL;
+        }
+
+        if (!EFI_ERROR (ShellConvertStringToUint64 (Param2, &Intermediate2=
, TRUE, FALSE))) {
+          Handle2 =3D Param2 !=3D NULL ? ConvertHandleIndexToHandle ((UINT=
N)Intermediate2) : NULL;
+        }
+
+        if (!EFI_ERROR (ShellConvertStringToUint64 (Param3, &Intermediate3=
, TRUE, FALSE))) {
+          Handle3 =3D Param3 !=3D NULL ? ConvertHandleIndexToHandle ((UINT=
N)Intermediate3) : NULL;
+        }
=20
         if ((Param1 !=3D NULL) && (Handle1 =3D=3D NULL)) {
           ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_INV_HANDLE)=
, gShellDriver1HiiHandle, L"disconnect", Param1);
diff --git a/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c b/Shell=
Pkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c
index c645c9fd6882..8f70d6b6af39 100644
--- a/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c
+++ b/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvDiag.c
@@ -438,25 +438,22 @@ ShellCommandRunDrvDiag (
     ControllerHandleStr =3D ShellCommandLineGetRawValue (Package, 2);
     ChildHandleStr      =3D ShellCommandLineGetRawValue (Package, 3);
=20
-    if (DriverHandleStr =3D=3D NULL) {
-      Handle1 =3D NULL;
-    } else {
-      ShellConvertStringToUint64 (DriverHandleStr, &Intermediate, TRUE, FA=
LSE);
+    if ((DriverHandleStr !=3D NULL) && ShellConvertStringToUint64 (DriverH=
andleStr, &Intermediate, TRUE, FALSE)) {
       Handle1 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+    } else {
+      Handle1 =3D NULL;
     }
=20
-    if (ControllerHandleStr =3D=3D NULL) {
-      Handle2 =3D NULL;
-    } else {
-      ShellConvertStringToUint64 (ControllerHandleStr, &Intermediate, TRUE=
, FALSE);
+    if ((ControllerHandleStr !=3D NULL) && ShellConvertStringToUint64 (Con=
trollerHandleStr, &Intermediate, TRUE, FALSE)) {
       Handle2 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+    } else {
+      Handle2 =3D NULL;
     }
=20
-    if (ChildHandleStr =3D=3D NULL) {
-      Handle3 =3D NULL;
-    } else {
-      ShellConvertStringToUint64 (ChildHandleStr, &Intermediate, TRUE, FAL=
SE);
+    if ((ChildHandleStr !=3D NULL) && ShellConvertStringToUint64 (ChildHan=
dleStr, &Intermediate, TRUE, FALSE)) {
       Handle3 =3D ConvertHandleIndexToHandle ((UINTN)Intermediate);
+    } else {
+      Handle3 =3D NULL;
     }
=20
     Status =3D DoDiagnostics (
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101853): https://edk2.groups.io/g/devel/message/101853
Mute This Topic: https://groups.io/mt/97834589/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101854+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101854+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697084; cv=none;
	d=zohomail.com; s=zohoarc;
	b=DzVp6dTv14W0KZF2Vm/xhxbvALZhOlSMG1m5l/zf2DGTCbS/FJ9LEBcJmXjdDCfD4ELbQ7c/0OKriqnz3sozLlHUI9hLUIyNbbBQ885lmtYEg0C0S8Jj4+i2LoSxKgrDaTFWGSrxVSlVFjDmmc/dJEJA3Kn59whDycWhc0RRUes=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697084;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=YN+RyTDLhFVeF7wFzZHc4jCZgLn6ZowERKixtZUxfJQ=;
	b=dPfaxl78iFf/ZZyZsuxp0Kq973Gq5BNlfxFqcAQuHOV2UQGu1nMEk93AaiBgXVly5igiQhgOX6Oh/uwnm+EVoI+m5E/2tEf7vFrOKq+EIfq/cQGFulF02MVieCkJ8gOD1+yOmbwteyBW1s4yyZVdmmjRL82b6xU9GEkVcJtwP2E=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101854+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697084759696.7667764676459;
 Fri, 24 Mar 2023 15:31:24 -0700 (PDT)
Return-Path: <bounce+27952+101854+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id v5KkYY1788612xQx9s62ZKW9;
 Fri, 24 Mar 2023 15:31:24 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10580.1679697083676137417
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:23 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 6EED420FC4E8;
	Fri, 24 Mar 2023 15:31:20 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 6EED420FC4E8
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Eric Dong <eric.dong@intel.com>,
	Erich McMillan <emcmillan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Rahul Kumar <rahul1.kumar@intel.com>,
	Ray Ni <ray.ni@intel.com>
Subject: [edk2-devel] [PATCH v7 10/12] UefiCpuPkg: Fix conditionally
 uninitialized variables
Date: Fri, 24 Mar 2023 18:30:32 -0400
Message-Id: <20230324223034.1560-11-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: gKMxemeZVif9FBKBe8AbfsLmx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697084;
 bh=rXxGDOvmtq5kBi+53diQ3/rl0yBCU2FJ38XCysqMiOs=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=mmh99pAhCvl7+5pWNUisFyXhDrLnv3t0X1VO3EyOt+xgVCTBv8OpRtCUppApI3oZV0I
 PlobYxnSYsazdDd6H79ZGiqSAEtKleQAO6eIP6sL3s8duNy/vRt0VCQv4eNkSh/7IIq8P
 MKDwAQavskqWLNzTjSNjXCVF/omD9mt3KS0=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697085653100004
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Cc: Eric Dong <eric.dong@intel.com>
Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 UefiCpuPkg/CpuMpPei/CpuBist.c   | 8 +++++++-
 UefiCpuPkg/CpuMpPei/CpuMpPei.c  | 8 +++++++-
 UefiCpuPkg/CpuMpPei/CpuPaging.c | 9 ++++++++-
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/UefiCpuPkg/CpuMpPei/CpuBist.c b/UefiCpuPkg/CpuMpPei/CpuBist.c
index 7dc93cd784d4..78e008703993 100644
--- a/UefiCpuPkg/CpuMpPei/CpuBist.c
+++ b/UefiCpuPkg/CpuMpPei/CpuBist.c
@@ -175,7 +175,13 @@ CollectBistDataFromPpi (
   EFI_SEC_PLATFORM_INFORMATION_RECORD2  *PlatformInformationRecord2;
   EFI_SEC_PLATFORM_INFORMATION_CPU      *CpuInstanceInHob;
=20
-  MpInitLibGetNumberOfProcessors (&NumberOfProcessors, &NumberOfEnabledPro=
cessors);
+  Status =3D MpInitLibGetNumberOfProcessors (&NumberOfProcessors, &NumberO=
fEnabledProcessors);
+  ASSERT_EFI_ERROR (Status);
+
+  if (EFI_ERROR (Status)) {
+    NumberOfProcessors        =3D 1;
+    NumberOfEnabledProcessors =3D 1;
+  }
=20
   BistInformationSize =3D sizeof (EFI_SEC_PLATFORM_INFORMATION_RECORD2) +
                         sizeof (EFI_SEC_PLATFORM_INFORMATION_CPU) * Number=
OfProcessors;
diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.c b/UefiCpuPkg/CpuMpPei/CpuMpPei.c
index e7f1fe9f426c..b504bea3cfeb 100644
--- a/UefiCpuPkg/CpuMpPei/CpuMpPei.c
+++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.c
@@ -473,7 +473,13 @@ InitializeMpExceptionStackSwitchHandlers (
     return;
   }
=20
-  MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL);
+  Status =3D MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL);
+  ASSERT_EFI_ERROR (Status);
+
+  if (EFI_ERROR (Status)) {
+    NumberOfProcessors =3D 1;
+  }
+
   SwitchStackData =3D AllocatePages (EFI_SIZE_TO_PAGES (NumberOfProcessors=
 * sizeof (EXCEPTION_STACK_SWITCH_CONTEXT)));
   ASSERT (SwitchStackData !=3D NULL);
   ZeroMem (SwitchStackData, NumberOfProcessors * sizeof (EXCEPTION_STACK_S=
WITCH_CONTEXT));
diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPagin=
g.c
index 135422225340..a471f089c8ae 100644
--- a/UefiCpuPkg/CpuMpPei/CpuPaging.c
+++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c
@@ -538,6 +538,7 @@ SetupStackGuardPage (
   UINTN                 NumberOfProcessors;
   UINTN                 Bsp;
   UINTN                 Index;
+  EFI_STATUS            Status;
=20
   //
   // One extra page at the bottom of the stack is needed for Guard page.
@@ -547,7 +548,13 @@ SetupStackGuardPage (
     ASSERT (FALSE);
   }
=20
-  MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL);
+  Status =3D MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL);
+  ASSERT_EFI_ERROR (Status);
+
+  if (EFI_ERROR (Status)) {
+    NumberOfProcessors =3D 1;
+  }
+
   MpInitLibWhoAmI (&Bsp);
   for (Index =3D 0; Index < NumberOfProcessors; ++Index) {
     StackBase =3D 0;
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101854): https://edk2.groups.io/g/devel/message/101854
Mute This Topic: https://groups.io/mt/97834590/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101855+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101855+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697085; cv=none;
	d=zohomail.com; s=zohoarc;
	b=nDOwwlweuFGIWNqMLq+qIPbwORzZnVpA96gfc7S5unHhxbCrSlX9YcUPfiK2snWxyMYpoxN4hvTgZnyr1+8nUW77CBgDVpeZLNudrdeBYH/ChOaSLZbY3KzMAhvZaTvHelPLn+8XvR2r183bLRCW7gfoMtNQ9MzBb9tvBBzBqMY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697085;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=U3uppRzeVmyt7LjuGrrmeo46ynDA7hLHJLc+HZxmrI8=;
	b=S0HEJNj1/o2oDpIk3TIFj6J4iXBi/kpbfeYLPPl9WJr82Ju7RvHpSs6r/X0eADliz2lwHYJ24D+u0RT0pd30rSPErev5MOykv9eDbfPz+jNNqv9vNQNvJ0o2Y1LuykGQwHkNDMtXcJbPXXrbzm8C3rmNnBLpIE5+SRLVPwcBTpU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101855+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697085187527.4550431778903;
 Fri, 24 Mar 2023 15:31:25 -0700 (PDT)
Return-Path: <bounce+27952+101855+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 5FxHYY1788612xIjznuWsmut;
 Fri, 24 Mar 2023 15:31:24 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10581.1679697084188648028
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:24 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 5512F20FC4EC;
	Fri, 24 Mar 2023 15:31:23 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 5512F20FC4EC
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>
Subject: [edk2-devel] [PATCH v7 11/12] .github/codeql/edk2.qls: Enable CWE
 457, 676, and 758 queries
Date: Fri, 24 Mar 2023 18:30:33 -0400
Message-Id: <20230324223034.1560-12-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: z7TAN9NiJmLIRRM0tXqh1OG9x1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697084;
 bh=AMDR1mhbmSZAUyor+MDF5YdWt7Qud9erDgmByi7IPYE=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=rMCdP/q4YpCEjMOT9YnrqEwNKyya2956Y5dWc3eUDYJtpi7OduokrBnja+1MsAAizGt
 l74ZMNODlv9wd/lo0e8/Ly5BnAk13VJ9VseiXLWHebJ9za72QUBsugpnW3xAZjVkhRAgd
 lGD0bFoNcxjkWPAJ3ro2Am9DtWPRTqxLBIk=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697085642100002
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

The previous commits fixed issues with these queries across various
packages. Now that those are resolved, enable the queries in the
edk2 query set so regressions can be found in the future.

Enables:

1. cpp/conditionallyuninitializedvariable
   - CWE: https://cwe.mitre.org/data/definitions/457.html
   - @name Conditionally uninitialized variable
   - @description An initialization function is used to initialize a
                  local variable, but the returned status code is
                  not checked. The variable may be left in an
                  uninitialized state, and reading the variable may
                  result in undefined behavior.
   - @kind problem
   - @problem.severity warning
   - @security-severity 7.8
   - @id cpp/conditionally-uninitialized-variable
   - @tags security
     - external/cwe/cwe-457
2. cpp/pointer-overflow-check
   - CWE: https://cwe.mitre.org/data/definitions/758.html
   - @name Pointer overflow check
   - @description Adding a value to a pointer to check if it
                  overflows relies on undefined behavior and
                  may lead to memory corruption.
   - @kind problem
   - @problem.severity error
   - @security-severity 2.1
   - @precision high
   - @id cpp/pointer-overflow-check
   - @tags reliability
     - security
     - external/cwe/cwe-758
3. cpp/potential-buffer-overflow
   - CWE: https://cwe.mitre.org/data/definitions/676.html
   - @name Potential buffer overflow
   - @description Using a library function that does not check
                  buffer bounds requires the surrounding program
                  to be very carefully written to avoid buffer
                  overflows.
   - @kind problem
   - @id cpp/potential-buffer-overflow
   - @problem.severity warning
   - @security-severity 10.0
   - @tags reliability
     - security
     - external/cwe/cwe-676
   - @deprecated This query is deprecated, use
                 Potentially overrunning write
                 (`cpp/overrunning-write`) and
                 Potentially overrunning write with float to string
                 conversion
                 (`cpp/overrunning-write-with-float`) instead.

Note that cpp/potential-buffer-overflow is deprecated. This query
will be updated to the succeeding queries in the next commit. The
query is used in this commit to show that we considered and tested
the query in history.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 .github/codeql/edk2.qls | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/codeql/edk2.qls b/.github/codeql/edk2.qls
index ef9aae790f5f..dc2d87764e93 100644
--- a/.github/codeql/edk2.qls
+++ b/.github/codeql/edk2.qls
@@ -8,7 +8,14 @@
=20
 # Enable individual queries below.
=20
+- include:
+    id: cpp/conditionallyuninitializedvariable
 - include:
     id: cpp/infinite-loop-with-unsatisfiable-exit-condition
 - include:
     id: cpp/overflow-buffer
+- include:
+    id: cpp/pointer-overflow-check
+- include:
+    id: cpp/potential-buffer-overflow
+
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101855): https://edk2.groups.io/g/devel/message/101855
Mute This Topic: https://groups.io/mt/97834591/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sat Apr 20 02:21:24 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+101856+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101856+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.microsoft.com
ARC-Seal: i=1; a=rsa-sha256; t=1679697087; cv=none;
	d=zohomail.com; s=zohoarc;
	b=b+ADdlEo66JghyJAZgsl5XKY5rY9FqsFazhYsX+V+3vw6xzBcfdlaja+FInLIn3FkV+SxYPZstJpryuVoxIGrempGnOi9dwfM7NETvtnaOGWBS6ImDpaaqExQ6YYtjQ/B8Ml90QUqDBHujenqtXPVxL4BVx1eArTKywMyceuPVU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1679697087;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=kw0iQ7HIb9otFPi19003tuu1TA6PlRSNnit/UwMsoJg=;
	b=OWKdJZNMy1LH/KTs1pBq2aq8mxXXVESMpbYrL4VEnexBAD3o7sU6VDqsAIhzp42oFbseAJAWQI9+Rj5g7+N+Dv50M7uPwNX0j/oD54WpQg8KSnhH4U6E1Whumnwceu5MXzH6xmyuCqeHaILxvCZ7FDdkJf1JjQg8wQtmKC9vbgQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+101856+1787277+3901457@groups.io;
	dmarc=fail header.from=<mikuback@linux.microsoft.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1679697087477477.2950276167568;
 Fri, 24 Mar 2023 15:31:27 -0700 (PDT)
Return-Path: <bounce+27952+101856+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id OJ2eYY1788612xfNahjFWm3T;
 Fri, 24 Mar 2023 15:31:27 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.10550.1679697086649939942
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:26 -0700
X-Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id C5BB120FC3CF;
	Fri, 24 Mar 2023 15:31:25 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com C5BB120FC3CF
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>
Subject: [edk2-devel] [PATCH v7 12/12] .github/codeql/edk2.qls: Enable CWE
 120, 787, and 805 queries
Date: Fri, 24 Mar 2023 18:30:34 -0400
Message-Id: <20230324223034.1560-13-mikuback@linux.microsoft.com>
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
X-Gm-Message-State: 67fQhoUvvYIR6qkXcoId59a0x1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1679697087;
 bh=2xemi+P11Bv3haiFMjGHVTEJibap5vwMqb3NRhznuXs=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=sLQTry6J93CWOTNRtzJxPAledomX5zHaO4agX0/bsjtKWa7XVUWBN7Xm1xqVoAQrysi
 R35+NBQKKNsYcezTY71MOwLoDn6Y4uV5BgqlMO3yScc+HX7BaJCj4UgTjFaEEE0O3wBr6
 0O1RwkJXqVETNtcEMrRhvrv7Vwkitpw6uMU=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1679697089655100001
Content-Type: text/plain; charset="utf-8"

From: Michael Kubacki <michael.kubacki@microsoft.com>

As recommended by CodeQL this change replaces
cpp/potential-buffer-overflow with cpp/overrunning-write-with-float
and cpp/overrunning-write.

Enables:

1. cpp/overrunning-write
   - @name Likely overrunning write
   - @description Buffer write operations that do not control the length
                  data written may overflow
   - @kind problem
   - @problem.severity error
   - @security-severity 9.3
   - @precision high
   - @id cpp/very-likely-overrunning-write
   - @tags reliability
     - security
     - external/cwe/cwe-120
     - external/cwe/cwe-787
     - external/cwe/cwe-805
2. cpp/overrunning-write-with-float
   - @name Potentially overrunning write with float to string conversion
   - @description Buffer write operations that do not control the length
                  of data written may overflow when floating point inputs
                  take extreme values.
   - @kind problem
   - @problem.severity error
   - @security-severity 9.3
   - @precision medium
   - @id cpp/overrunning-write-with-float
   - @tags reliability
     - security
     - external/cwe/cwe-120
     - external/cwe/cwe-787
     - external/cwe/cwe-805
3. cpp/very-likely-overrunning-write
   - @name Likely overrunning write
   - @description Buffer write operations that do not control the length
                  of data written may overflow
   - @kind problem
   - @problem.severity error
   - @security-severity 9.3
   - @precision high
   - @id cpp/very-likely-overrunning-write
   - @tags reliability
     - security
     - external/cwe/cwe-120
     - external/cwe/cwe-787
     - external/cwe/cwe-805

- CWEs:
  - https://cwe.mitre.org/data/definitions/120.html
  - https://cwe.mitre.org/data/definitions/787.html
  - https://cwe.mitre.org/data/definitions/805.html

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
---
 .github/codeql/edk2.qls | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.github/codeql/edk2.qls b/.github/codeql/edk2.qls
index dc2d87764e93..9bea9ba01f24 100644
--- a/.github/codeql/edk2.qls
+++ b/.github/codeql/edk2.qls
@@ -14,8 +14,11 @@
     id: cpp/infinite-loop-with-unsatisfiable-exit-condition
 - include:
     id: cpp/overflow-buffer
+- include:
+    id: cpp/overrunning-write
+- include:
+    id: cpp/overrunning-write-with-float
 - include:
     id: cpp/pointer-overflow-check
 - include:
-    id: cpp/potential-buffer-overflow
-
+    id: cpp/very-likely-overrunning-write
--=20
2.40.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101856): https://edk2.groups.io/g/devel/message/101856
Mute This Topic: https://groups.io/mt/97834593/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-