summaryrefslogtreecommitdiff
path: root/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
diff options
context:
space:
mode:
authortye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>2011-10-28 07:41:26 +0000
committertye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>2011-10-28 07:41:26 +0000
commitda9e7418daad22aee7b48790c1d1db5d2ede7e58 (patch)
tree2b0db8d7cbf708811e789e99a8fc4bf381dc2dcc /CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
parent91c7aa53896ac4372f7465bbea4a3e8ebcebb877 (diff)
downloadedk2-platforms-da9e7418daad22aee7b48790c1d1db5d2ede7e58.tar.xz
1. Fix build break issue for NOOPT target.
2. Fix potential system hang issue in X509_STORE_CTX_cleanup. 3. Fix potential overflow when convert UINTN to INT. 4. Update Pkcs7Sign() to output stripped PKCS#7 SignedData. 5. Update Pkcs7Verify() to support both wrapped/stripped PKCS#7 SignedData. Signed-off-by: tye Reviewed-by: xdu2 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12593 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c')
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 7557399aa4..88c21369b6 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -48,6 +48,10 @@ X509ConstructCertificate (
ASSERT (Cert != NULL);
ASSERT (SingleX509Cert != NULL);
+ if (CertSize > INT_MAX) {
+ return FALSE;
+ }
+
Status = FALSE;
//
@@ -439,6 +443,7 @@ X509VerifyCert (
// X509 Certificate Verification.
//
Status = (BOOLEAN) X509_verify_cert (&CertCtx);
+ X509_STORE_CTX_cleanup (&CertCtx);
_Exit:
//
@@ -447,7 +452,6 @@ _Exit:
X509_free (X509Cert);
X509_free (X509CACert);
X509_STORE_free (CertStore);
- X509_STORE_CTX_cleanup (&CertCtx);
return Status;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 12:53:41 +0000