From nobody Mon Sep 16 18:52:24 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+114471+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+114471+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1706223996; cv=none; d=zohomail.com; s=zohoarc; b=iGA2aYbzMY9KuTTcu9Q7BDPmSZl+3S3Cfmw2dMZzof1kZX8SDxY/MKZJv8aM9eXnkaPGpA71y8i6DA5R3mQWbLEEtLGdlyjsT3JHVYAEwCJQTBUu7awDX4yCYw2DHVCu1rr8IhMwOhy7NRfz0NYxwW5fMJUjSlY8j6PMtzbweT4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1706223996; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=oMd1P502+jelSGgIIK+hs1zrHnrD3zGQf3j0O9MtJBY=; b=j4atzEy+VK/eYTptmIVvZlsImte+M4RZIADp+M+n70gQLK2x96WnjkhsmWPVLaRaQ6admo+5/GMJGGCL8aU5L5taWDkeYKd00IRo9t2wBGCX7GDtTzzaDmeePG10QggyaMwPl+yz2TMinOEl6d24JoLZAFqnG037eH5ni0HYGF8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+114471+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1706223996635964.2988227490674; Thu, 25 Jan 2024 15:06:36 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=IKAXZPKocGBUZfZS15Cub1rhj3/IKeiiKmETADEvJ6g=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1706223996; v=1; b=ppiLscp6BPnssBu29s2lQFYq4mIBBpm57ne6eHYcymahIo0i14ZqpqYOo7SxZ2qhu6x9KvfT Z8JmZqPw2qUe/gpN6NBrMUjuU0Oav8K9NPQi6DgHiQrWN3f/Aj/BvTlk+CZk3eZ07CbhVSXUmEu CfAoBPgYPVX7wz5hHy9OJpcs= X-Received: by 127.0.0.2 with SMTP id oYYnYY1788612x71iXJpocHJ; Thu, 25 Jan 2024 15:06:36 -0800 X-Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web11.785.1706223995731365733 for ; Thu, 25 Jan 2024 15:06:35 -0800 X-Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1d780a392fdso21690075ad.3 for ; Thu, 25 Jan 2024 15:06:35 -0800 (PST) X-Gm-Message-State: oftbCPF26esz6qLSp0lWR2vUx1787277AA= X-Google-Smtp-Source: AGHT+IFpAcrgSWzGKh2gC8EsplFp9vaVH7X1zvr2wW1f/0BaHm8kM4iJMMBQ2Amd6uOtwSMNgN/D1Q== X-Received: by 2002:a17:903:1205:b0:1d8:4a55:6f21 with SMTP id l5-20020a170903120500b001d84a556f21mr468918plh.109.1706223994891; Thu, 25 Jan 2024 15:06:34 -0800 (PST) X-Received: from localhost.localdomain ([24.17.138.83]) by smtp.gmail.com with ESMTPSA id jh1-20020a170903328100b001d752c4f180sm16779plb.94.2024.01.25.15.06.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jan 2024 15:06:34 -0800 (PST) From: "Doug Flick via groups.io" To: devel@edk2.groups.io Cc: Doug Flick , Saloni Kasbekar , Zachary Clark-williams , "Doug Flick [MSFT]" Subject: [edk2-devel] [PATCH v2 09/15] NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45232 Unit Tests Date: Thu, 25 Jan 2024 13:54:51 -0800 Message-ID: <79694c13f6babf55e33e298eee6e60de44691c0f.1706219324.git.doug.edk2@gmail.com> In-Reply-To: References: MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dougflick@microsoft.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1706223997877100037 Content-Type: text/plain; charset="utf-8" From: Doug Flick REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D4537 REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D4538 Unit tests to confirm that.. Infinite loop when parsing unknown options in the Destination Options header and Infinite loop when parsing a PadN option in the Destination Options header ... have been patched This patch tests the following functions: Ip6IsOptionValid Cc: Saloni Kasbekar Cc: Zachary Clark-williams Signed-off-by: Doug Flick [MSFT] --- .../Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf | 10 +- .../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h | 40 +++ .../Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp | 278 ++++++++++++++++++ 3 files changed, 324 insertions(+), 4 deletions(-) create mode 100644 NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf b/NetworkPkg= /Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf index 6e4de0745fb5..ba29dbabadb9 100644 --- a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf +++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf @@ -1,13 +1,13 @@ ## @file -# Unit test suite for the Ip6Dxe using Google Test +# Unit test suite for the Ip6DxeGoogleTest using Google Test # # Copyright (c) Microsoft Corporation.
# SPDX-License-Identifier: BSD-2-Clause-Patent ## [Defines] INF_VERSION =3D 0x00010017 - BASE_NAME =3D Ip6DxeUnitTest - FILE_GUID =3D 4F05D17D-D3E7-4AAE-820C-576D46D2D34A + BASE_NAME =3D Ip6DxeGoogleTest + FILE_GUID =3D AE39981C-B7FE-41A8-A9C2-F41910477CA3 VERSION_STRING =3D 1.0 MODULE_TYPE =3D HOST_APPLICATION # @@ -16,9 +16,11 @@ [Defines] # VALID_ARCHITECTURES =3D IA32 X64 AARCH64 # [Sources] + ../Ip6Option.c + Ip6OptionGoogleTest.h Ip6DxeGoogleTest.cpp Ip6OptionGoogleTest.cpp - ../Ip6Option.c + Ip6OptionGoogleTest.h =20 [Packages] MdePkg/MdePkg.dec diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h b/NetworkPk= g/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h new file mode 100644 index 000000000000..0509b6ae30d2 --- /dev/null +++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.h @@ -0,0 +1,40 @@ +/** @file + Exposes the functions needed to test the Ip6Option module. + + Copyright (c) Microsoft Corporation + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef IP6_OPTION_HEADER_GOOGLE_TEST_H_ +#define IP6_OPTION_HEADER_GOOGLE_TEST_H_ + +#include +#include "../Ip6Impl.h" + +/** + Validate the IP6 option format for both the packets we received + and that we will transmit. It will compute the ICMPv6 error message fiel= ds + if the option is malformatted. + + @param[in] IpSb The IP6 service data. + @param[in] Packet The to be validated packet. + @param[in] Option The first byte of the option. + @param[in] OptionLen The length of the whole option. + @param[in] Pointer Identifies the octet offset within + the invoking packet where the error was de= tected. + + + @retval TRUE The option is properly formatted. + @retval FALSE The option is malformatted. + +**/ +BOOLEAN +Ip6IsOptionValid ( + IN IP6_SERVICE *IpSb, + IN NET_BUF *Packet, + IN UINT8 *Option, + IN UINT16 OptionLen, + IN UINT32 Pointer + ); + +#endif // __IP6_OPTION_HEADER_GOOGLE_TEST_H__ diff --git a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp b/Network= Pkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp index f2cd90e1a952..29f8a4a96e4c 100644 --- a/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp +++ b/NetworkPkg/Ip6Dxe/GoogleTest/Ip6OptionGoogleTest.cpp @@ -12,6 +12,7 @@ extern "C" { #include #include "../Ip6Impl.h" #include "../Ip6Option.h" + #include "Ip6OptionGoogleTest.h" } =20 ///////////////////////////////////////////////////////////////////////// @@ -127,3 +128,280 @@ TEST_F (Ip6OptionValidationTest, InvalidPrefixInfoOpt= ionLengthShouldReturnFalse) =20 EXPECT_FALSE (Ip6IsNDOptionValid (option, optionLen)); } + +//////////////////////////////////////////////////////////////////////// +// Ip6IsOptionValid Tests +//////////////////////////////////////////////////////////////////////// + +// Define a fixture for your tests if needed +class Ip6IsOptionValidTest : public ::testing::Test { +protected: + // Add any setup code if needed + virtual void + SetUp ( + ) + { + // Initialize any resources or variables + } + + // Add any cleanup code if needed + virtual void + TearDown ( + ) + { + // Clean up any resources or variables + } +}; + +// Test Description +// Verify that a NULL option is Invalid +TEST_F (Ip6IsOptionValidTest, NullOptionShouldReturnTrue) { + NET_BUF Packet =3D { 0 }; + // we need to define enough of the packet to make the function work + // The function being tested will pass IpSb to Ip6SendIcmpError which is= defined above + IP6_SERVICE *IpSb =3D NULL; + + EFI_IPv6_ADDRESS SourceAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IPv6_ADDRESS DestinationAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IP6_HEADER Ip6Header =3D { 0 }; + + Ip6Header.SourceAddress =3D SourceAddress; + Ip6Header.DestinationAddress =3D DestinationAddress; + Packet.Ip.Ip6 =3D &Ip6Header; + + EXPECT_FALSE (Ip6IsOptionValid (IpSb, &Packet, NULL, 0, 0)); +} + +// Test Description +// Verify that an unknown option with a length of 0 and type of = does not cause an infinite loop +TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLength0) { + NET_BUF Packet =3D { 0 }; + // we need to define enough of the packet to make the function work + // The function being tested will pass IpSb to Ip6SendIcmpError which is= defined above + UINT32 DeadCode =3D 0xDeadC0de; + // Don't actually use this pointer, just pass it to the function, nothin= g will be done with it + IP6_SERVICE *IpSb =3D (IP6_SERVICE *)&DeadCode; + + EFI_IPv6_ADDRESS SourceAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IPv6_ADDRESS DestinationAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IP6_HEADER Ip6Header =3D { 0 }; + + Ip6Header.SourceAddress =3D SourceAddress; + Ip6Header.DestinationAddress =3D DestinationAddress; + Packet.Ip.Ip6 =3D &Ip6Header; + + IP6_OPTION_HEADER optionHeader; + + optionHeader.Type =3D 23; // Unknown Option + optionHeader.Length =3D 0; // This will cause an infinite loop if the= function is not working correctly + + // This should be a valid option even though the length is 0 + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); +} + +// Test Description +// Verify that an unknown option with a length of 1 and type of = does not cause an infinite loop +TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLength1) { + NET_BUF Packet =3D { 0 }; + // we need to define enough of the packet to make the function work + // The function being tested will pass IpSb to Ip6SendIcmpError which is= defined above + UINT32 DeadCode =3D 0xDeadC0de; + // Don't actually use this pointer, just pass it to the function, nothin= g will be done with it + IP6_SERVICE *IpSb =3D (IP6_SERVICE *)&DeadCode; + + EFI_IPv6_ADDRESS SourceAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IPv6_ADDRESS DestinationAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IP6_HEADER Ip6Header =3D { 0 }; + + Ip6Header.SourceAddress =3D SourceAddress; + Ip6Header.DestinationAddress =3D DestinationAddress; + Packet.Ip.Ip6 =3D &Ip6Header; + + IP6_OPTION_HEADER optionHeader; + + optionHeader.Type =3D 23; // Unknown Option + optionHeader.Length =3D 1; // This will cause an infinite loop if the= function is not working correctly + + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); +} + +// Test Description +// Verify that an unknown option with a length of 2 and type of = does not cause an infinite loop +TEST_F (Ip6IsOptionValidTest, VerifyIpSkipUnknownOption) { + NET_BUF Packet =3D { 0 }; + // we need to define enough of the packet to make the function work + // The function being tested will pass IpSb to Ip6SendIcmpError which is= defined above + UINT32 DeadCode =3D 0xDeadC0de; + // Don't actually use this pointer, just pass it to the function, nothin= g will be done with it + IP6_SERVICE *IpSb =3D (IP6_SERVICE *)&DeadCode; + + EFI_IPv6_ADDRESS SourceAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IPv6_ADDRESS DestinationAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IP6_HEADER Ip6Header =3D { 0 }; + + Ip6Header.SourceAddress =3D SourceAddress; + Ip6Header.DestinationAddress =3D DestinationAddress; + Packet.Ip.Ip6 =3D &Ip6Header; + + IP6_OPTION_HEADER optionHeader; + + optionHeader.Type =3D 23; // Unknown Option + optionHeader.Length =3D 2; // Valid length for an unknown option + + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); +} + +// Test Description +// Verify that Ip6OptionPad1 is valid with a length of 0 +TEST_F (Ip6IsOptionValidTest, VerifyIp6OptionPad1) { + NET_BUF Packet =3D { 0 }; + // we need to define enough of the packet to make the function work + // The function being tested will pass IpSb to Ip6SendIcmpError which is= defined above + UINT32 DeadCode =3D 0xDeadC0de; + // Don't actually use this pointer, just pass it to the function, nothin= g will be done with it + IP6_SERVICE *IpSb =3D (IP6_SERVICE *)&DeadCode; + + EFI_IPv6_ADDRESS SourceAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IPv6_ADDRESS DestinationAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IP6_HEADER Ip6Header =3D { 0 }; + + Ip6Header.SourceAddress =3D SourceAddress; + Ip6Header.DestinationAddress =3D DestinationAddress; + Packet.Ip.Ip6 =3D &Ip6Header; + + IP6_OPTION_HEADER optionHeader; + + optionHeader.Type =3D Ip6OptionPad1; + optionHeader.Length =3D 0; + + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); +} + +// Test Description +// Verify that Ip6OptionPadN doesn't overflow with various lengths +TEST_F (Ip6IsOptionValidTest, VerifyIp6OptionPadN) { + NET_BUF Packet =3D { 0 }; + // we need to define enough of the packet to make the function work + // The function being tested will pass IpSb to Ip6SendIcmpError which is= defined above + UINT32 DeadCode =3D 0xDeadC0de; + // Don't actually use this pointer, just pass it to the function, nothin= g will be done with it + IP6_SERVICE *IpSb =3D (IP6_SERVICE *)&DeadCode; + + EFI_IPv6_ADDRESS SourceAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IPv6_ADDRESS DestinationAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IP6_HEADER Ip6Header =3D { 0 }; + + Ip6Header.SourceAddress =3D SourceAddress; + Ip6Header.DestinationAddress =3D DestinationAddress; + Packet.Ip.Ip6 =3D &Ip6Header; + + IP6_OPTION_HEADER optionHeader; + + optionHeader.Type =3D Ip6OptionPadN; + optionHeader.Length =3D 0xFF; + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); + + optionHeader.Length =3D 0xFE; + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); + + optionHeader.Length =3D 0xFD; + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); + + optionHeader.Length =3D 0xFC; + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); +} + +// Test Description +// Verify an unknown option doesn't cause an infinite loop with various le= ngths +TEST_F (Ip6IsOptionValidTest, VerifyNoInfiniteLoopOnUnknownOptionLengthAtt= emptOverflow) { + NET_BUF Packet =3D { 0 }; + // we need to define enough of the packet to make the function work + // The function being tested will pass IpSb to Ip6SendIcmpError which is= defined above + UINT32 DeadCode =3D 0xDeadC0de; + // Don't actually use this pointer, just pass it to the function, nothin= g will be done with it + IP6_SERVICE *IpSb =3D (IP6_SERVICE *)&DeadCode; + + EFI_IPv6_ADDRESS SourceAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IPv6_ADDRESS DestinationAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IP6_HEADER Ip6Header =3D { 0 }; + + Ip6Header.SourceAddress =3D SourceAddress; + Ip6Header.DestinationAddress =3D DestinationAddress; + Packet.Ip.Ip6 =3D &Ip6Header; + + IP6_OPTION_HEADER optionHeader; + + optionHeader.Type =3D 23; // Unknown Option + optionHeader.Length =3D 0xFF; + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); + + optionHeader.Length =3D 0xFE; + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); + + optionHeader.Length =3D 0xFD; + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); + + optionHeader.Length =3D 0xFC; + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, (UINT8 *)&optionHeader, si= zeof (optionHeader), 0)); +} + +// Test Description +// Verify that the function supports multiple options +TEST_F (Ip6IsOptionValidTest, MultiOptionSupport) { + UINT16 HdrLen; + NET_BUF Packet =3D { 0 }; + // we need to define enough of the packet to make the function work + // The function being tested will pass IpSb to Ip6SendIcmpError which is= defined above + UINT32 DeadCode =3D 0xDeadC0de; + // Don't actually use this pointer, just pass it to the function, nothin= g will be done with it + IP6_SERVICE *IpSb =3D (IP6_SERVICE *)&DeadCode; + + EFI_IPv6_ADDRESS SourceAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IPv6_ADDRESS DestinationAddress =3D { 0x20, 0x01, 0x0d, 0xb8, 0x00,= 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x42, 0x83, 0x29 }; + EFI_IP6_HEADER Ip6Header =3D { 0 }; + + Ip6Header.SourceAddress =3D SourceAddress; + Ip6Header.DestinationAddress =3D DestinationAddress; + Packet.Ip.Ip6 =3D &Ip6Header; + + UINT8 ExtHdr[1024] =3D { 0 }; + UINT8 *Cursor =3D ExtHdr; + IP6_OPTION_HEADER *Option =3D (IP6_OPTION_HEADER *)ExtHdr; + + // Let's start chaining options + + Option->Type =3D 23; // Unknown Option + Option->Length =3D 0xFC; + + Cursor +=3D sizeof (IP6_OPTION_HEADER) + 0xFC; + + Option =3D (IP6_OPTION_HEADER *)Cursor; + Option->Type =3D Ip6OptionPad1; + + Cursor +=3D sizeof (1); + + // Type and length aren't processed, instead it just moves the pointer f= orward by 4 bytes + Option =3D (IP6_OPTION_HEADER *)Cursor; + Option->Type =3D Ip6OptionRouterAlert; + Option->Length =3D 4; + + Cursor +=3D sizeof (IP6_OPTION_HEADER) + 4; + + Option =3D (IP6_OPTION_HEADER *)Cursor; + Option->Type =3D Ip6OptionPadN; + Option->Length =3D 0xFC; + + Cursor +=3D sizeof (IP6_OPTION_HEADER) + 0xFC; + + Option =3D (IP6_OPTION_HEADER *)Cursor; + Option->Type =3D Ip6OptionRouterAlert; + Option->Length =3D 4; + + Cursor +=3D sizeof (IP6_OPTION_HEADER) + 4; + + // Total 524 + + HdrLen =3D (UINT16)(Cursor - ExtHdr); + + EXPECT_TRUE (Ip6IsOptionValid (IpSb, &Packet, ExtHdr, HdrLen, 0)); +} --=20 2.43.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#114471): https://edk2.groups.io/g/devel/message/114471 Mute This Topic: https://groups.io/mt/103964985/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-