From nobody Tue May  7 04:56:40 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+79909+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1630096301714256.3800386799087;
 Fri, 27 Aug 2021 13:31:41 -0700 (PDT)
Return-Path: <bounce+27952+79909+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id NCcIYY1788612xw7iJt8iFAi;
 Fri, 27 Aug 2021 13:31:41 -0700
X-Received: from NAM02-DM3-obe.outbound.protection.outlook.com
 (NAM02-DM3-obe.outbound.protection.outlook.com [40.107.95.61])
 by mx.groups.io with SMTP id smtpd.web08.759.1630095001622636621
 for <devel@edk2.groups.io>;
 Fri, 27 Aug 2021 13:10:03 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=T0LRt463O/LbCL2O0YGWNfcza72A/VD5VhstGQr6wHi/F7rDHYMVrxv/phihuJjGYnp9KU9gzeuYZJXDIb6SlTFxeeJOdKWfUGhj/r4dhPSA7ViqRGO9BZWNNANTigsqVqf5caJzjEXkugdjoqJF0ZrbgB4xTarLlacemrVga3n3/YRCvyHyTDyInRu/7FgNZVAhk8LMTJAZITaA2+1tHeZA4s6lt5oSyo17AvfnLUzVVF3b7GkGASwhrPquAhbXeajtJEqQ03sLg3s2Z0KQMj45qPAPgMxypCD9nob6vyT8KB9JVnMF56kb36+mebyxeoPkd78+ikdPNxIfiLy9Qw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=fJ7DxgX/4LLwHJHfLAlu+rG2eUaly+JAUEDhNJ5IiGc=;
 b=BWMrWPVlKatYEvyWsQr5HfERzL/uF2C1bHX+CLxQvFBIOO6ZDbcDA/Oi1xtufuxTYIxgnBLZUAXXWXCWEcLYoPC0R45WhP2eTklgB48PXIwCQmCsS31OAloC/+5Rdj69p6KQZcVvc/xsPATjCplzKZRAnBkPdrCpjM2UGgcLLYxPXxJBzWLzfLaCVapGgqg1v5cZXp9h8BsDRPf8d38Jvc5EPBmWDyK1nwEsdmcdfVf4ft+1Y0B5tZamf+ZNitDgCkyQCyT7BWzmABKaj+q1Qrj+FWZYAIR9JTagxC3d/IdpViPGC2roIfbZ9OYW67y7NvYk+FLAxbOTfGn+GsjLew==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 216.228.112.32) smtp.rcpttodomain=intel.com smtp.mailfrom=nvidia.com;
 dmarc=pass (p=quarantine sp=none pct=100) action=none header.from=nvidia.com;
 dkim=none (message not signed); arc=none
X-Received: from BN9PR03CA0008.namprd03.prod.outlook.com
 (2603:10b6:408:fa::13)
 by CY4PR12MB1222.namprd12.prod.outlook.com (2603:10b6:903:3b::13) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.22; Fri, 27 Aug
 2021 20:10:00 +0000
X-Received: from BN8NAM11FT036.eop-nam11.prod.protection.outlook.com
 (2603:10b6:408:fa:cafe::59) by BN9PR03CA0008.outlook.office365.com
 (2603:10b6:408:fa::13) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4457.18 via Frontend
 Transport; Fri, 27 Aug 2021 20:09:59 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.112.32)
 smtp.mailfrom=nvidia.com; intel.com; dkim=none (message not signed)
 header.d=none;intel.com; dmarc=pass action=none header.from=nvidia.com;
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+79909+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates
 216.228.112.32 as permitted sender) receiver=protection.outlook.com;
 client-ip=216.228.112.32; helo=mail.nvidia.com;
X-Received: from mail.nvidia.com (216.228.112.32) by
 BN8NAM11FT036.mail.protection.outlook.com (10.13.177.168) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id
 15.20.4457.17 via Frontend Transport; Fri, 27 Aug 2021 20:09:59 +0000
X-Received: from HQMAIL101.nvidia.com (172.20.187.10) by HQMAIL109.nvidia.com
 (172.20.187.15) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 27 Aug
 2021 13:09:59 -0700
X-Received: from localhost.localdomain (172.20.187.6) by mail.nvidia.com
 (172.20.187.10) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Fri, 27 Aug 2021 20:09:58 +0000
From: "Bob Morgan via groups.io" <bobm=nvidia.com@groups.io>
To: <devel@edk2.groups.io>
CC: <jiewen.yao@intel.com>, <jian.j.wang@intel.com>, <xiaoyux.lu@intel.com>,
	<guomin.jiang@intel.com>, Bob Morgan <bobm@nvidia.com>
Subject: [edk2-devel] [PATCH] CryptoPkg/BaseCryptLib: Eliminate extra buffer
 copy in Pkcs7Verify()
Date: Fri, 27 Aug 2021 14:07:09 -0600
Message-ID: 
 <46b077a7ba2e7372a3763fdfa59cbd0976eb4b89.1630093105.git.bobm@nvidia.com>
X-NVConfidentiality: public
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 40ff05e3-f263-45ef-e8c4-08d96996a5ec
X-MS-TrafficTypeDiagnostic: CY4PR12MB1222:
X-Microsoft-Antispam-PRVS: 
 <CY4PR12MB12226324EF41E6D808878778AAC89@CY4PR12MB1222.namprd12.prod.outlook.com>
X-MS-Exchange-Transport-Forked: True
X-MS-Oob-TLC-OOBClassifiers: OLM:6790;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Message-Info: 
 i4UV5/BK87F+f9zkUcE5WOMp+aHJj68hbgSlXP9XxMMfYwrF6/77oABdM/bbJVAHdcx+JyoQxxU7SQOpVNZXZMQ4OKseOrgvl6aKj7lXS3YoRLuB7rl/rN5FP5mW/k1xhO/OviVVxCBPg6ByLW2sF1uuyFXjzewGKN869iyjEYNZsskQOHNC1CeI7Vs7DNMGDljC58gKQzj+Ub7l+DGsr+/GpLXtaOM6nFmiItUoGdHDVIsIv+h0hQheZlkFT+a34hbGoV66iv/RN78BxDNf9nnkjASioaox8i2hO+6OEkZkrEJslnq2y99ynr+dDuemIfq+xw5QMVezZRmbEowRBMzB6ymWt7v34z2SFNMLsfQmpfq+IUAHx+TM0uNoYT68ksy19MbM+GKiVF07aGaKI8gZiqnLqYBBMmYDps/JzYdMuM3J/JBaSqyGTjlegxvcBhS4qb7UnKKf7fE5q9YajUqYQw98N3e+WxI+7P5OrdqszBDaClq9XIiAo8heMgQn0gnOk2edEIkgB5Z8grCKFyCtm44mc9P1fG+jvI4j17e+/EHqMLOSnpYAeDhV2GrxUEzsKV5N+KSPAiPejTR3QLUjWJmeyRCD2ADQzQBCowANAkduV2TGlKKxVtKftXJIkFpEbPdE6F0arIciNOqs2eG/2VJ1fJQqFT4u1Caxg5NpXhe9wImpEC6A/Tv56mA9uw0TIxVUArx7reHDKmwiKg==
X-OriginatorOrg: Nvidia.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Aug 2021 20:09:59.7724
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 40ff05e3-f263-45ef-e8c4-08d96996a5ec
X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.112.32];Helo=[mail.nvidia.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 BN8NAM11FT036.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1222
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,bobm@nvidia.com
X-Gm-Message-State: thXhAy3pIsc3NRXeAdouZoKBx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1630096301;
 bh=rQMPu75SCywgmmui//fyAIP0DslkhOUupLNo2QfTdR8=;
 h=CC:Content-Type:Date:From:Reply-To:Subject:To;
 b=UzL420TISlTJ+l7JAUuX/93tey2TVopMhwl21K7lvIZgTItHFSm1/7dXe23WlG/XsuB
 eyRku/DBr419Z5/FK1kWcsUfq2+9LuspfNI+7CmdOQnr9j6qDr08kR/fIcSIVVQ1QFAiN
 BfmFZZ7kMtXi47vDdRRLJ0UTHoyJiY8DDN8=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1630096303749100001
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Create a read-only openSSL BIO wrapper for the existing input
buffer passed to Pkcs7Verify() instead of copying the buffer
into an empty writable BIO which causes memory allocations
within openSSL.

Signed-off-by: Bob Morgan <bobm@nvidia.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c b/C=
ryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
index d99597d181..8eda98f7b2 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
@@ -864,15 +864,11 @@ Pkcs7Verify (
   // For generic PKCS#7 handling, InData may be NULL if the content is pre=
sent
   // in PKCS#7 structure. So ignore NULL checking here.
   //
-  DataBio =3D BIO_new (BIO_s_mem ());
+  DataBio =3D BIO_new_mem_buf (InData, (int) DataLength);
   if (DataBio =3D=3D NULL) {
     goto _Exit;
   }
=20
-  if (BIO_write (DataBio, InData, (int) DataLength) <=3D 0) {
-    goto _Exit;
-  }
-
   //
   // Allow partial certificate chains, terminated by a non-self-signed but
   // still trusted intermediate certificate. Also disable time checks.
--=20
2.17.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79909): https://edk2.groups.io/g/devel/message/79909
Mute This Topic: https://groups.io/mt/85195547/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-