New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update DfciUpdate.c to avoid unsigned comparison checking greater than zero #215

Merged

apop5 merged 1 commit into main from spbrogan-patch-3

Apr 29, 2024

Member

spbrogan commented Apr 26, 2024

Description

Resolve a CodeQL identified issue where an unsigned type was being checked against greater than or equal to zero. This will always be true and thus provides no value

Impacts functionality?
- Functionality - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
Impacts security?
- Security - Does the change have a direct security impact on an application,
  flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
  validation improvement, ...
Breaking change?
- Breaking change - Will anyone consuming this change experience a break
  in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
  a function in a new library class in a pre-existing module, ...
Includes tests?
- Tests - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
Includes documentation?
- Documentation - Does the change contain explicit documentation additions
  outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
  on an a separate Web page, ...

How This Was Tested

Was not tested other than basic CI

Integration Instructions

NA


          Update DfciUpdate.c to avoid unsigned comparison checking greater tha…

c3465f3

…n zero

Signed-off-by: Sean Brogan <[email protected]>

github-actions bot added the impact:non-functional label

spbrogan requested a review from Flickdm

April 26, 2024 00:30

Flickdm approved these changes

View reviewed changes

apop5 approved these changes

View reviewed changes

apop5 merged commit 76b3a07 into main

14 checks passed

apop5 deleted the spbrogan-patch-3 branch

April 29, 2024 13:49

ProjectMuBot mentioned this pull request

Bump Features/DFCI from 4.0.5 to 4.0.6 microsoft/mu_tiano_platforms#953

Merged

ProjectMuBot referenced this pull request in microsoft/mu_tiano_platforms


          Bumps Features/DFCI from 4.0.5 to 4.0.6

Introduces 18 new commits in [Features/DFCI](https://github.com/microsoft/mu_feature_dfci).

<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/a7245ea372c405731fbbee82198433ef88cd47b6">a7245e</a> pip: bump edk2-pytool-extensions from 0.27.2 to 0.27.3 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/201">#201</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/d2d1cb00860a93d15e17a894d5cd4eac5e9e2cdd">d2d1cb</a> pip: bump edk2-pytool-library from 0.21.3 to 0.21.4 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/203">#203</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/aba937ae978aabe600348863c988175f35ff7ea8">aba937</a> Repo File Sync: prevent `rustup` from self-updating (<a href="https://github.com/microsoft/mu_feature_dfci/pull/204">#204</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/3c74bfa78750880f8eef8c2522adf95818494f67">3c74bf</a> Fixes the Deprecation Warning for return in Robot Framework (<a href="https://github.com/microsoft/mu_feature_dfci/pull/205">#205</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/844b288979cb63089b7c8bc45fc01c20136825ce">844b28</a> Update/tls ciphers (<a href="https://github.com/microsoft/mu_feature_dfci/pull/206">#206</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/c0c1326fadb16bba00f35c99a680227b1492be39">c0c132</a> pip: bump edk2-pytool-library from 0.21.4 to 0.21.5 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/208">#208</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/d99ab14f7f51d324f236bb1b041d42e8926ee58f">d99ab1</a> Repo File Sync: Update to Mu DevOps 9.1.9 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/209">#209</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/6294c21dc08b7e6fd7afeb009c903cf03534c87e">6294c2</a> Repo File Sync: Update to Ubuntu Container 0e124c1 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/210">#210</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/16c06469920d52b11dabd54ca45dcddc6e8a310c">16c064</a> GitHub Action: Bump robinraju/release-downloader from 1.9 to 1.10 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/211">#211</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/e1dffd566293aa94bf35cd045add4956bab2fa11">e1dffd</a> Repo File Sync: synced file(s) with microsoft/mu_devops (<a href="https://github.com/microsoft/mu_feature_dfci/pull/212">#212</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/3f4a5dbf005716a3ee0edde2ea6fe7555064175d">3f4a5d</a> pip: bump regex from 2023.12.25 to 2024.4.16 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/213">#213</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/00c114413ca29aebcde6a4a0e04213fd62a89f57">00c114</a> GitHub Action: Bump robinraju/release-downloader from 1.9 to 1.10 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/214">#214</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/76b3a075554333e1a50361012b3d70d57186bf9f">76b3a0</a> Update DfciUpdate.c to avoid unsigned comparison checking greater than zero (<a href="https://github.com/microsoft/mu_feature_dfci/pull/215">#215</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/e2e06a9aadb637f34ee2dac4e88ef68736678f9b">e2e06a</a> pip: bump regex from 2024.4.16 to 2024.4.28 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/216">#216</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/df423c88a0375deb70c63734c5da09e6b2f83f75">df423c</a> pip: bump edk2-pytool-extensions from 0.27.3 to 0.27.4 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/217">#217</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/29153822c79742eb58ffa78ba6b57236035ec41f">291538</a> Repo File Sync: .gitattributes: Prevent line ending conversion (<a href="https://github.com/microsoft/mu_feature_dfci/pull/218">#218</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/a7dde4037e163ce3cb4373470e4fa859d558d0c2">a7dde4</a> pip: bump regex from 2024.4.28 to 2024.5.10 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/220">#220</a>)</li>
<li><a href="https://github.com/microsoft/mu_feature_dfci/commit/ba354bcfceec3e75bc0cc4ef1f13f959fe4aca0f">ba354b</a> pip: bump pygount from 1.6.1 to 1.8.0 (<a href="https://github.com/microsoft/mu_feature_dfci/pull/219">#219</a>)</li>
</ul>
</details>

Signed-off-by: Project Mu Bot <[email protected]>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

impact:non-functional