70 lines
2.3 KiB
Diff
70 lines
2.3 KiB
Diff
From cc8e518d327b7ee851e28060b95a06edfcfc4400 Mon Sep 17 00:00:00 2001
|
|
From: ShenYage <shenyage1@huawei.com>
|
|
Date: Fri, 28 Feb 2025 16:18:39 +0800
|
|
Subject: [PATCH 2/2] NetworkPkg: DxeNetLib: SECURITY PATCH CVE-2023-45237
|
|
Relared Patch
|
|
|
|
This commit is a patch for CVE-2023-45237. Using RngLib to generate a stronger pseudoRandom number for NetRandomInitSeed().
|
|
|
|
Signed-off-by: ShenYage <shenyage1@huawei.com>
|
|
---
|
|
NetworkPkg/Library/DxeNetLib/DxeNetLib.c | 22 ++++++++++++++--------
|
|
NetworkPkg/Library/DxeNetLib/DxeNetLib.inf | 1 +
|
|
2 files changed, 15 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
index 2a555a7..f0b5ed8 100644
|
|
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.c
|
|
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
#include <Library/DevicePathLib.h>
|
|
#include <Library/PrintLib.h>
|
|
#include <Library/UefiLib.h>
|
|
+#include <Library/RngLib.h>
|
|
|
|
#define NIC_ITEM_CONFIG_SIZE (sizeof (NIC_IP4_CONFIG_INFO) + sizeof (EFI_IP4_ROUTE_TABLE) * MAX_IP4_CONFIG_IN_VARIABLE)
|
|
#define DEFAULT_ZERO_START ((UINTN) ~0)
|
|
@@ -908,14 +909,19 @@ NetRandomInitSeed (
|
|
EFI_TIME Time;
|
|
UINT32 Seed;
|
|
UINT64 MonotonicCount;
|
|
-
|
|
- gRT->GetTime (&Time, NULL);
|
|
- Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
|
|
- Seed ^= Time.Nanosecond;
|
|
- Seed ^= Time.Year << 7;
|
|
-
|
|
- gBS->GetNextMonotonicCount (&MonotonicCount);
|
|
- Seed += (UINT32) MonotonicCount;
|
|
+ UINT32 RandomVal;
|
|
+
|
|
+ if (GetRandomNumber32(&RandomVal)) {
|
|
+ Seed = RandomVal;
|
|
+ } else {
|
|
+ gRT->GetTime (&Time, NULL);
|
|
+ Seed = (Time.Hour << 24 | Time.Day << 16 | Time.Minute << 8 | Time.Second);
|
|
+ Seed ^= Time.Nanosecond;
|
|
+ Seed ^= Time.Year << 7;
|
|
+
|
|
+ gBS->GetNextMonotonicCount (&MonotonicCount);
|
|
+ Seed += (UINT32) MonotonicCount;
|
|
+ }
|
|
|
|
return Seed;
|
|
}
|
|
diff --git a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
|
index 8145d25..ce90aa5 100644
|
|
--- a/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
|
+++ b/NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
|
@@ -43,6 +43,7 @@
|
|
MemoryAllocationLib
|
|
DevicePathLib
|
|
PrintLib
|
|
+ RngLib
|
|
|
|
|
|
[Guids]
|
|
--
|
|
2.33.0
|
|
|