tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
32,227 Commits 12 Branches 0 Tags 318 MiB
Commit Graph

7 Commits

Author SHA1 Message Date
Doug Flick bbfee34f41 NetworkPkg: Ip6Dxe: SECURITY PATCH CVE-2023-45231 Patch 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4536

Bug Overview:
PixieFail Bug #3
CVE-2023-45231
CVSS 6.5 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-125 Out-of-bounds Read

Out-of-bounds read when handling a ND Redirect message with truncated
options

Change Overview:

Adds a check to prevent truncated options from being parsed
+  //
+  // Cannot process truncated options.
+  // Cannot process options with a length of 0 as there is no Type
field.
+  //
+  if (OptionLen < sizeof (IP6_OPTION_HEADER)) {
+    return FALSE;
+  }

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
 2024-02-06 19:24:26 +00:00
Michael Kubacki d1050b9dff NetworkPkg: Apply uncrustify changes 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Apply uncrustify changes to .c/.h files in the NetworkPkg package

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
 2021-12-07 17:24:28 +00:00
Maciej Rabeda 9c20342eed NetworkPkg/Ip6Dxe: Improve Neightbor Discovery message validation. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2174

Problem has been identified with Ip6ProcessRouterAdvertise() when
Router Advertise packet contains options with malicious/invalid
'Length' field. This can lead to platform entering infinite loop
when processing options from that packet.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
 2020-03-30 13:13:29 +00:00
Philippe Mathieu-Daude b8fc5c03e5 NetworkPkg/Ip6Dxe: Fix typo in comment 
An extra 's' slipped into the 'processing' word.
Drop it to fix the typo.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
 2019-10-17 09:09:26 +08:00
Michael D Kinney ecf98fbcf8 NetworkPkg: Replace BSD License with BSD+Patent License 
https://bugzilla.tianocore.org/show_bug.cgi?id=1373

Replace BSD 2-Clause License with BSD+Patent License.  This change is
based on the following emails:

  https://lists.01.org/pipermail/edk2-devel/2019-February/036260.html
  https://lists.01.org/pipermail/edk2-devel/2018-October/030385.html

RFCs with detailed process for the license change:

  V3: https://lists.01.org/pipermail/edk2-devel/2019-March/038116.html
  V2: https://lists.01.org/pipermail/edk2-devel/2019-March/037669.html
  V1: https://lists.01.org/pipermail/edk2-devel/2019-March/037500.html

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
 2019-04-09 10:58:15 -07:00
Gary Lin d1c85a17fa NetworkPkg: Fix typos in comments 
- assocated -> associated
- malformated -> malformatted
- mal-formated -> mal-formatted
- formated -> formatted
- octects -> octets
- responsiblity -> responsibility
- enought -> enough
- immediatly -> immediately
- integar -> integer
- Alogrithem -> Algorithm
- Initializeion -> Initialization
- primelenght -> primelength
- Vlaue -> Value
- perfoms -> performs
- randome -> random
- verifed -> verified
- finallization -> finalization
- Intializes -> Initializes
- specifed -> specified
- if -> If
- Decrption -> Decryption
- Autahentication -> Authentication
- informatino -> information
- alogrithm -> algorithm
- Authenticaion -> Authentication
- Alogrithem -> Algorithm
- containning -> containing
- paramter -> parameter

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-By: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-By: Jiaxin Wu <jiaxin.wu@intel.com>
 2016-10-26 08:50:03 +08:00
hhtian a3bcde70e6 Add NetworkPkg (P.UDK2010.UP3.Network.P1) 
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10986 6f19259b-4bc3-4df7-8a09-765794883524
 2010-11-01 06:13:54 +00:00