diff options
author | tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524> | 2011-10-28 07:41:26 +0000 |
---|---|---|
committer | tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524> | 2011-10-28 07:41:26 +0000 |
commit | da9e7418daad22aee7b48790c1d1db5d2ede7e58 (patch) | |
tree | 2b0db8d7cbf708811e789e99a8fc4bf381dc2dcc /CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | |
parent | 91c7aa53896ac4372f7465bbea4a3e8ebcebb877 (diff) | |
download | edk2-platforms-da9e7418daad22aee7b48790c1d1db5d2ede7e58.tar.xz |
1. Fix build break issue for NOOPT target.
2. Fix potential system hang issue in X509_STORE_CTX_cleanup.
3. Fix potential overflow when convert UINTN to INT.
4. Update Pkcs7Sign() to output stripped PKCS#7 SignedData.
5. Update Pkcs7Verify() to support both wrapped/stripped PKCS#7 SignedData.
Signed-off-by: tye
Reviewed-by: xdu2
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12593 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c')
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 7557399aa4..88c21369b6 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -48,6 +48,10 @@ X509ConstructCertificate ( ASSERT (Cert != NULL);
ASSERT (SingleX509Cert != NULL);
+ if (CertSize > INT_MAX) {
+ return FALSE;
+ }
+
Status = FALSE;
//
@@ -439,6 +443,7 @@ X509VerifyCert ( // X509 Certificate Verification.
//
Status = (BOOLEAN) X509_verify_cert (&CertCtx);
+ X509_STORE_CTX_cleanup (&CertCtx);
_Exit:
//
@@ -447,7 +452,6 @@ _Exit: X509_free (X509Cert);
X509_free (X509CACert);
X509_STORE_free (CertStore);
- X509_STORE_CTX_cleanup (&CertCtx);
return Status;
}
|