The Fedora distro ships a modified OpenSSL 1.1.0 package stream. One of
their patches calls the secure_getenv() C library function. We already
have a stub for getenv(); it applies trivially to secure_getenv() as well.
Add the secure_getenv() stub so that edk2 can be built with Fedora's
OpenSSL 1.1.0 sources.
Cc: Qin Long <qin.long@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Long Qin <qin.long@intel.com>
In time() wrapper implementation, the gRT->GetTime() call may be not
available. This patch adds the extra error handling to avoid the
potential dead loop.
Cc: Star Zeng <star.zeng@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
There is one long-standing problem in CRT realloc wrapper, which will
cause the obvious buffer overflow issue when re-allocating one bigger
memory block:
void *realloc (void *ptr, size_t size)
{
//
// BUG: hardcode OldSize == size! We have no any knowledge about
// memory size of original pointer ptr.
//
return ReallocatePool ((UINTN) size, (UINTN) size, ptr);
}
This patch introduces one extra header to record the memory buffer size
information when allocating memory block from malloc routine, and re-wrap
the realloc() and free() routines to remove this BUG.
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ting Ye <ting.ye@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Validated-by: Jian J Wang <jian.j.wang@intel.com>
There are some explicit time(NULL) calls in openssl-1.1.0xx source,
but the dummy time() wrapper in ConstantTimeClock.c (used by PEI
and SMM module) has no any checks on NULL parameter. This is one bug
and will cause the memory access issue.
This patch adds the NULL parameter checking in time() wrapper.
Cc: Ting Ye <ting.ye@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Cleaning-up CRT Library Wrapper for the third-party cryptography
library building. The changes includes
1. Rename OpenSslSupport.h to CrtLibSupport.h for future alternative
crypto provider support.
2. Remove all un-referenced CRT APIs and headers.
(NOTE: More cleans-up could be possible after OpenSSL integrate the
extra PR request: https://github.com/openssl/openssl/pull/2961)
Cc: Ting Ye <ting.ye@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Gary Lin <glin@suse.com>
Cc: Ronald Cron <ronald.cron@arm.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Gary Lin <glin@suse.com>
For pointer subtraction, the result is of type "ptrdiff_t". According to
the C11 standard (Committee Draft - April 12, 2011):
"When two pointers are subtracted, both shall point to elements of the
same array object, or one past the last element of the array object; the
result is the difference of the subscripts of the two array elements. The
size of the result is implementation-defined, and its type (a signed
integer type) is ptrdiff_t defined in the <stddef.h> header. If the result
is not representable in an object of that type, the behavior is
undefined."
In our codes, there are cases that the pointer subtraction is not
performed by pointers to elements of the same array object. This might
lead to potential issues, since the behavior is undefined according to C11
standard.
Also, since the size of type "ptrdiff_t" is implementation-defined. Some
static code checkers may warn that the pointer subtraction might underflow
first and then being cast to a bigger size. For example:
UINT8 *Ptr1, *Ptr2;
UINTN PtrDiff;
...
PtrDiff = (UINTN) (Ptr1 - Ptr2);
The commit will refine the pointer subtraction expressions by casting each
pointer to UINTN first and then perform the subtraction:
PtrDiff = (UINTN) Ptr1 - (UINTN) Ptr2;
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
- availabe to available
Cc: Qin Long <qin.long@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
This patch is used to fix the potential system hang
caused by the NULL 'time' parameter usage.
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Long Qin <qin.long@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: David Woodhouse <David.Woodhouse@intel.com>
The ISO C standard says about realloc(),
If ptr is a null pointer, the realloc function behaves like the malloc
function for the specified size.
The realloc() implementation doesn't conform to this currently, so add a
check and call malloc() if appropriate.
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Qin Long <qin.long@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
The ISO C standard says about free(),
If ptr is a null pointer, no action occurs.
This is not true of the RuntimeFreeMem() internal function. Therefore we
must not forward the argument of free() to RuntimeFreeMem() without
checking.
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Qin Long <qin.long@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
The ISO C standard says about free(),
If ptr is a null pointer, no action occurs.
This is not true of the FreePool() interface of the MemoryAllocationLib
class:
Buffer must have been allocated on a previous call to the pool
allocation services of the Memory Allocation Library. [...] If Buffer
was not allocated with a pool allocation function in the Memory
Allocation Library, then ASSERT().
Therefore we must not forward the argument of free() to FreePool() without
checking.
This bug can be triggered by upstream OpenSSL commit 8e704858f219
("RT3955: Reduce some stack usage"), for example.
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Qin Long <qin.long@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
Although the function qsort receives as an argument a "compare" function
which returns an "int", QuickSortWorker (the function used internally by
qsort to do its job) receives as an argument a "CompareFunction" which
returns an "INTN". In a 32-bit machine, "INTN" is defined as "INT32",
which is defined as "int" and everything works well. However, when qsort
is compiled for a 64-bit machine, "INTN" is defined as "INT64" and the
return values of the compare functions become incompatible ("int" for
qsort and "INT64" for QuickSortWorker), causing malfunction.
For example, let's assume qsort is being compiled for a 64-bit machine.
As stated before, the "compare" function will be returning an "int",
and "CompareFunction" will be returning an "INT64". When, for example,
the "compare" function (which was passed as an argument to qsort and,
then, re-passed as an argument to QuickSortWorker) returns -1 (or
0xffffffff, in a 32-bit integer, its original return type) from inside
a call to QuickSortWorker, its return value is interpreted as being an
"INT64" value - which turns out to be 4294967295 (or 0x00000000ffffffff,
in a 64-bit integer) -, making the function QuickSortWorker to behave
unexpectedly.
Note that this unexpected (or incorrect) conversion does not happen when
casting an "INT32" to an "INT64" directly, but does happen when casting
function types.
The issue is fixed by changing the return type of SORT_COMPARE (the type
of "CompareFunction", used by QuickSortWorker) from "INTN" to "int".
This way, both qsort and QuickSortWorker use compatible definitions for
their compare functions.
Contributed-under: TianoCore Contribution Agreement 1.0
Acked-by: Paulo Alcantara Cavalcanti <paulo.alc.cavalcanti@hp.com>
Signed-off-by: Karyne Mayer <kmayer@hp.com>
Signed-off-by: Rodrigo Dias Correa <rodrigo.dia.correa@hp.com>
Signed-off-by: Arthur Crippa Burigo <acb@hp.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19748 6f19259b-4bc3-4df7-8a09-765794883524
Make mVirtualAddressChangeEvent STATIC to prevent it from conflicting
with other variables of the same name that may be defined in other
libraries (e.g., MdeModulePkg/Universal/Variable/RuntimeDxe)
This also removes the risk of mVirtualAddressChangeEvent being merged with
other uninitialized variables with external linkage by toolchains that perform
COMMON allocation.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19146 6f19259b-4bc3-4df7-8a09-765794883524
while MonthNo is the month of the year, so tm_mon should be MonthNo-1.
Similarly, tm_mday is the day of the month, and DayNo is the number
of days since the first day of the month. Assigning DayNo+1 to
tm_mday to fit the definition.
This commit also corrected miscalculated MonthNo and DayNo for the
first day of the month. (Thanks to Laszlo Ersek!)
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14481 6f19259b-4bc3-4df7-8a09-765794883524
Exit is declared to be 'noreturn' function, but GCC sees
that the empty function will return. Therefore, GCC flags
a warning.
To work-around this, we use a function pointer, along with
a cast to force the code to think that a 'noreturn' function
is being called.
Signed-off-by: jljusten
Reviewed-by: qlong
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11609 6f19259b-4bc3-4df7-8a09-765794883524
Include files should never instantiate data. Data should only
be referenced as an 'extern' within include files.
The previous code would generate a GCC warning, since the static
data items were not always referenced.
Signed-off-by: jljusten
Reviewed-by: qlong
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11608 6f19259b-4bc3-4df7-8a09-765794883524
2. Add new MD4 hash supports;
3. Add corresponding test case in Cryptest utility;
4. Fix MACRO definition issue in OpensslLib.inf and parameter checking issues in some wrapper implementations.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11214 6f19259b-4bc3-4df7-8a09-765794883524
Laszlo Ersek
Long Qin
Hao Wu
Jiaxin Wu
Giri P Mudusuru
Karyne Mayer
Ard Biesheuvel
Gary Ching-Pang Lin
tye1
jljusten
qlong
vanjeff
hhtian