From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1nFajf-0000zP-Dt for mharc-grub-devel@gnu.org; Thu, 03 Feb 2022 06:57:11 -0500 Received: from eggs.gnu.org ([209.51.188.92]:50212) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nFajb-0000zB-NY for grub-devel@gnu.org; Thu, 03 Feb 2022 06:57:08 -0500 Received: from mx0a-00069f02.pphosted.com ([205.220.165.32]:5600) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nFajY-0006o8-S4 for grub-devel@gnu.org; Thu, 03 Feb 2022 06:57:07 -0500 Received: from pps.filterd (m0246627.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 2139ZD5h024816 for ; Thu, 3 Feb 2022 11:56:59 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : in-reply-to : references : date : message-id : content-type : mime-version; s=corp-2021-07-09; bh=L8xo5Qu/BrwwfvPMiBsUN2fuSkPq8VgR/1sc/cC2tJw=; b=N63H8W51yhsGvvlMqsRGYQhybBM7u68pspm/mNA9Z9ZwOYnVmIsdMNQyehEF2NIFMcUG OM0ZNvzN/H+mhlJ7zou4bCj/qVRDXPX/Fmyecrxngt0XDt+y4xaECCY4k6yMClesAHmq Lj68xd/UYxWG+PBeKXBoQCO3xrgYH1okc6JrNbWPj+iufQYYr5YMq4ypKFKGvInfHDir y22ZlkPnbb+N9VPmzAH8dEchG1+/i6glTOpFcXAFpLYoq6f/Fwhqphb7tNMw8DIfp3HG gYMlW+u0Ms01Cqp4RnC3g5ssJADSjflS48/efIgQhOBcb5U/tXd+AnaS6MCtKljdZahC 6Q== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by mx0b-00069f02.pphosted.com with ESMTP id 3dxjau16vf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Thu, 03 Feb 2022 11:56:58 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.1.2/8.16.1.2) with SMTP id 213BtV8o102374 for ; Thu, 3 Feb 2022 11:56:57 GMT Received: from nam11-co1-obe.outbound.protection.outlook.com (mail-co1nam11lp2175.outbound.protection.outlook.com [104.47.56.175]) by userp3030.oracle.com with ESMTP id 3dvtq4x7ge-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Thu, 03 Feb 2022 11:56:57 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PLmz8kX6P6PqUySc1ey2dP4AHsstHlJbg1B4ObCG83rSXOdxFyFs4Y0TP+sL0csOx3DdAsFhb2Dqyq64n2HkM59uRqZfSYU5G3shAfLyh6AgApA2vJ7ov8HXlkNU6YUJvjj+jnM/14Gj2BZq6Z296ryhj6hEEaLSYzbt+7dQ4RIcQSwtII2eiBtFfeLRvdTo4Ay7wfA7r6p6zkMVSCi+wAF2v883Lx174S57TzC2VJIDSJx1rXtBYg+6N1ZbEshTNVUOK7cEC8TdrhN3m6OOEKiE/2Ndh6JvfSBcSKvTrDQt7qoVhmaNEPT4JxsDMmKEhLK8glvGYeX2d2UhcuyZHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=L8xo5Qu/BrwwfvPMiBsUN2fuSkPq8VgR/1sc/cC2tJw=; b=bWMxXywC2ajgIPqdqGb18vuCG9H5D9uDlXWDuzh5wTbt9gSjRgg2+TzWAOO+hVW5Xz/DxSN37OYoBUl62igHtP7cdxiUZ6fQIYc7SShJ/33fEPgCyOMiVfoMgP7c1Hvg356QZ4jf3pwrhklc++4jtcSjKUPYPecdkuNW9isOcWwOFElQVv4rabswvdXtlXgSp2tgT9iL+uzfGYGCroJZZgHNZpvXXLHm8vPLUramsF1CfQdSGgc+sjNEBb2FGxQ1oK/2sU4geaeNlHhqQrj5rhaV38CPa/JRkH0M4uH7zAFowfn//QgcqWYv1fbS/9KhEdR//FQjv5i/Mb1gw/orng== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=L8xo5Qu/BrwwfvPMiBsUN2fuSkPq8VgR/1sc/cC2tJw=; b=Wb8GZ0ylG64AY7cAGIYkyxgYhmByOSROCuu8/ip/djKBFNQnyFNmJiSxmGqWrX4FqNUMZVJnuq3mShS/SLi7ZT821Pn8Kq0Xfl9WMu7SGAwCRfqPbe512srOGVHuk4oc8bQHGsMK4Baj+s21em2bQkmEYB3s2bUUvjihbu/y/EQ= Received: from BLAPR10MB5138.namprd10.prod.outlook.com (2603:10b6:208:322::8) by BLAPR10MB4929.namprd10.prod.outlook.com (2603:10b6:208:324::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.11; Thu, 3 Feb 2022 11:56:54 +0000 Received: from BLAPR10MB5138.namprd10.prod.outlook.com ([fe80::e4a5:7c7:1cfd:1bd0]) by BLAPR10MB5138.namprd10.prod.outlook.com ([fe80::e4a5:7c7:1cfd:1bd0%5]) with mapi id 15.20.4951.014; Thu, 3 Feb 2022 11:56:54 +0000 From: Darren Kenny To: Alec Brown , grub-devel@gnu.org Cc: daniel.kiper@oracle.com Subject: Re: [PATCH 0/4] Clean up code and fix coverity bugs in util/grub-module-verifierXX.c In-Reply-To: <1643848020-8197-1-git-send-email-alec.r.brown@oracle.com> References: <1643848020-8197-1-git-send-email-alec.r.brown@oracle.com> Date: Thu, 03 Feb 2022 11:56:49 +0000 Message-ID: Content-Type: text/plain X-ClientProxiedBy: DB6PR0601CA0008.eurprd06.prod.outlook.com (2603:10a6:4:7b::18) To BLAPR10MB5138.namprd10.prod.outlook.com (2603:10b6:208:322::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 91f72b04-a21f-49ed-42fc-08d9e70c4563 X-MS-TrafficTypeDiagnostic: BLAPR10MB4929:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7691; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: tnq/RC5CQG08abTwdhRx/9+RDfXIwU1kUMGZLAyqKAyDzmoq5wg5zH0dotKLYb+7hOHK/rbLfX4b7ESLl1Pxgr/Y+oqNtDGp7AxlpFezDSnRuNiN6e/XejUbwwc5DOUp5uBebrZNl4SFhgk6gF2Zu46Y34t1xPg1IU6irXQ7Vr6E4tsyXqL4ix9KcvgocJqSNtG1s4/ys8c0IIIErKEm+dMAUmjNai6JetuFU2yc0XmZd3YlChwXJJJpta03stF5Gz8bibPTLEZfpaTMTQzc87tWC77+B5oNu1SXQiPNtRK97kWYOn1CYVsZeCeBTsznzu9n6pEgjCYYinZV6s8qtVr0S8FNSUOudSECm0lj//VWt/xozqSh/QOJdyRP9v+9NltHbv7qYKhQ3FGCcEMK8n7MxZgcbDx8ZZwVzIuq7wO9k64uJHxhFP49YWVkK0WYoLZEwL93cuVRF9LqudPebie7Mmdv83jrapjFsCsFuELq2t9UI6EeP6oGBZPBYPf2pSZYHSQXu3u94KQxXEMaOy6+X9hp4J59PCWAjz3LbL5NeLWJ8vBpFbGc1TuzmrS3/f2Cs+L3L0i4K+0c7dNIFPpKlYqHkyfr6jCW4NJfBTHGGWGKyf/fzwC0rsccGuOWc6XP/rNk+JiZ1No0uLWkt38gexQSfQLITRZD3UyEFYYG/Z/6yb+dWpFLM9YuanSyULVhKUY767mrzznjS4gqHA== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BLAPR10MB5138.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(83380400001)(6486002)(36756003)(38350700002)(26005)(316002)(38100700002)(186003)(107886003)(66476007)(508600001)(44832011)(6506007)(52116002)(66556008)(2906002)(5660300002)(2616005)(6512007)(6666004)(8936002)(66946007)(8676002)(4326008)(86362001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Kt+AFouuabJzJD2PEea24qiKqn9BDbTDEK3Egyx9E5Gs5TeXmLqo9vLEaZag?= =?us-ascii?Q?IdxiyO4lfMZ9GG6G/gqKUTQyTdjksy+TWNI75R3G5Sxflw8V0iJBe8CYqeOm?= =?us-ascii?Q?wgkMOljuy41WWdYEucCRHayptLCtGrpwtZyx9UEG+0geSWgkmdjDH2IV4br5?= =?us-ascii?Q?i0AZvCv498es+kiSiQY9te9y29BMKt59pIvR3nZr36irqjbMoS/ybebUgr1Q?= =?us-ascii?Q?KzaQKLceCVDsrTFx4jeIJokfrZu7b3qxiZowKVOnREOISDNtsqwzd6Tw4HEw?= =?us-ascii?Q?y2VLRinGVlReCmu/8g1w0Y9qaNdXGwynHX2MvH0ptrnp/zJaf86nuBk52/5V?= =?us-ascii?Q?XJbBoijbuxGgi0XZc8QmGBb5FfoboCWW3YkzN2mfvwfw4HN8twpEvCY0XXam?= =?us-ascii?Q?zaPChQIXkBaQfu0wBp6iuAGrEwNBJBvWWc22Mz4egKjScjn4szj7OJfoyFln?= =?us-ascii?Q?9Qg6p0OPa1mNbDTCgV41XpojB679bKA93b3xuMPrVfDIEMbePZ1NdmiHD2/a?= =?us-ascii?Q?r5RnKjybaTnAvxEcRC2qdziV0cv/+dImf08RTdBNoF/F2uqgY/F5Rp4QEZ0k?= =?us-ascii?Q?4nWw1L0Kb3A4hy/UbxhtXrEtMf5fEO3eb+017agGDyVXY994UB2skxQ4LLzR?= =?us-ascii?Q?5jty2DjEjsOpGWsf9vf1pOdRxpvp3oAnivW/+DXPn7hYxuoom2CWCGWKh/pt?= =?us-ascii?Q?s6G251Vl0wE28lMB3iYoeWWpaFcI5gqhfegGepoVGDMn42AWYa/AzOqKNVUo?= =?us-ascii?Q?+bdk21lEP3etvTk8MvUDIsfyskklicfXd7iq69VhHxtsw1C9zzfzOazMrBQ7?= =?us-ascii?Q?MIhv8zyeQjE1+jSMbNINIaK24w7YQhm+VrtvcSyBVT7oafvHzrci89LhgMlx?= =?us-ascii?Q?9jwZldnpWSCZozyZrRiawqhhZv+ShmCsjPu8tdzYrF8ruP2BQUcks8yFJCtY?= =?us-ascii?Q?Lw2Hm7RSIOoL29jijvof2fvGJeloylYvwmW2gdwt9WTClW3zYWRdDz/VL6JA?= =?us-ascii?Q?WMXxulxPImVx07M3OPTb42/MjlU1d+Rj6Hp4OES+ldgECCwKqq55rLZqrzaH?= =?us-ascii?Q?nZsguGuA5H4aQTR/1WYNBZHzrIuJRd2KE/HkO6nOYvuUfl8+EDgO3WPE29NI?= =?us-ascii?Q?Tq1eYYTujmVKL/BHzOnnu4UvgP7yXkKcs6SC//PysGCP442yhca9l5A6uN9O?= =?us-ascii?Q?v84SwsbHYIf6aVCs3hjuXQNEY9DJxvZfjjASVp6xa+OLCLLB09U76ee24Wfw?= =?us-ascii?Q?kHLMfyuySOe1lHwOovw8+EpWpYyNIzsHjV9FDPbHcci+SC8+XlHqwcyf9Lnj?= =?us-ascii?Q?Fruh+PBm8gaIuuXwEhCEA3D9En82/XTCdIcslt0iEWn6Rdf0ndBRQc/GKUat?= =?us-ascii?Q?1lYwh4cg21e/pfkCdwNjkmhcRGIJ368KoHUa0Q51rHjb1ZDCB+JZMtOHxZMB?= =?us-ascii?Q?x09w+4asarszT18P25IBcewoHdxeQq0zjfqltdzGlJcqzl2NlPOeZWebMcl3?= =?us-ascii?Q?8RpfFOuF3CASoy0ocHZhX3bG5b+NRUWzsKCAEWKi+9DVE8luuQwqCv1WxWAf?= =?us-ascii?Q?rNEeLzQCS4cFWmOBJYG4Vp+EmSo4Q50eSIs6e5z61mh6lQcCiOC5YZkK+JDB?= =?us-ascii?Q?CCHnD8YxXNi2iRxLJYUXsXw=3D?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 91f72b04-a21f-49ed-42fc-08d9e70c4563 X-MS-Exchange-CrossTenant-AuthSource: BLAPR10MB5138.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2022 11:56:54.2673 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: zRVSLUV2JzB7JDPtUz6DfhQO37sJntZ/nDatnywBMsJ6WLDetfW7wAfM633Gr/ezie7En2PJksNXFHhUESBO1w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLAPR10MB4929 X-Proofpoint-Virus-Version: vendor=nai engine=6300 definitions=10246 signatures=673430 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 mlxlogscore=965 adultscore=0 malwarescore=0 bulkscore=0 suspectscore=0 mlxscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2201110000 definitions=main-2202030075 X-Proofpoint-GUID: EDS6wwwXP2_21gibtE5PoI4hFjuUULGa X-Proofpoint-ORIG-GUID: EDS6wwwXP2_21gibtE5PoI4hFjuUULGa Received-SPF: pass client-ip=205.220.165.32; envelope-from=darren.kenny@oracle.com; helo=mx0a-00069f02.pphosted.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Feb 2022 11:57:08 -0000 Hi Alec, These look good to me, thanks for handling the Coverity issues here. For the series: Reviewed-by: Darren Kenny Thanks, Darren. On Wednesday, 2022-02-02 at 19:26:56 -05, Alec Brown wrote: > Coverity identified several untrusted loop bounds in > util/grub-module-verifierXX.c. This patch series addresses these bugs, cleans up > lengthy equations, and makes checks to values based on the elf manual page. > > The Coverity Bugs being addressed are: > CID 314021 > CID 314027 > CID 314033 > > Alec Brown (4): > util/grub-module-verifierXX.c: Add function to calculate section headers > util/grub-module-verifierXX.c: Validate number of elf section header table entries > util/grub-module-verifierXX.c: Validate elf section header table index for section name string table > util/grub-module-verifierXX.c: Add module_size parameter to functions for sanity checking > > util/grub-module-verifierXX.c | 124 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------- > 1 file changed, 93 insertions(+), 31 deletions(-)