Multiple edk2 bugfixes #19

Merged
merged 2 commits into from
Jul 26, 2024
@tklengyel commented Jul 25, 2024

Fixes oss-fuzz issue #68623: edk2:TestFileName: Heap-buffer-overflow in MangleFileName

==33064==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5210000028fe at pc 0x0000005997ee bp 0x7fffb936d9d0 sp 0x7fffb936d9c8
READ of size 2 at 0x5210000028fe thread T0
SCARINESS: 14 (2-byte-read-heap-buffer-overflow)
    #0 0x5997ed in MangleFileName edk2/MdeModulePkg/Universal/Disk/UdfDxe/FileName.c:186:19
    #1 0x5969f4 in LLVMFuzzerTestOneInput hbfa-fl/HBFA/UefiHostFuzzTestPkg/Library/ToolChainHarnessLib/ToolChainHarnessLib.c:146:3

Fixes oss-fuzz issue #68646: Heap-buffer-overflow READ 1 · TranslateBmpToGopBlt

==41962==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5190000004b4 at pc 0x00000059b3c7 bp 0x7ffcb6f14150 sp 0x7ffcb6f14148
READ of size 1 at 0x5190000004b4 thread T0
SCARINESS: 22 (1-byte-read-heap-buffer-overflow-far-from-bounds)
    #0 0x59b3c6 in TranslateBmpToGopBlt edk2/MdeModulePkg/Library/BaseBmpSupportLib/BmpSupportLib.c:387:44
    #1 0x596bdd in RunTestHarness hbfa-fl/HBFA/UefiHostFuzzTestCasePkg/TestCase/MdeModulePkg/Library/BaseBmpSupportLib/TestBmpSupportLib.c:57:3

Signed-off-by: Tamas K Lengyel <[email protected]>

@tklengyel requested a review from antoniogi on July 25, 2024 15:37
@tklengyel changed the title from "Fix MangleFilename patch" to "Multiple edk2 bugfixes" on Jul 26, 2024
@tklengyel merged commit 04b3283 into intel:main on Jul 26, 2024
2 checks passed
@tklengyel deleted the fix branch on July 26, 2024 14:50