audk/Test at 1dbb10cc52dc8ef49bb700daa1cefc76b26d52e0 - audk

History

Doug Flick via groups.io 5f3658197b NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4535 Confirms that reported issue... "Buffer overflow in the DHCPv6 client via a long Server ID option" ..has been corrected by the provided patch. Tests the following functions to ensure they appropriately handle untrusted data (either too long or too small) to prevent a buffer overflow: Dhcp6AppendOption Dhcp6AppendETOption Dhcp6AppendIaOption Cc: Saloni Kasbekar <saloni.kasbekar@intel.com> Cc: Zachary Clark-williams <zachary.clark-williams@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>	2024-02-06 19:24:26 +00:00
..
NetworkPkgHostTest.dsc	NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests	2024-02-06 19:24:26 +00:00

Doug Flick via groups.io 5f3658197b NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4535

Confirms that reported issue...

"Buffer overflow in the DHCPv6 client via a long Server ID option"

..has been corrected by the provided patch.

Tests the following functions to ensure they appropriately handle
untrusted data (either too long or too small) to prevent a buffer
overflow:

Dhcp6AppendOption
Dhcp6AppendETOption
Dhcp6AppendIaOption

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>

2024-02-06 19:24:26 +00:00

NetworkPkgHostTest.dsc

NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests

2024-02-06 19:24:26 +00:00