CryptoPkg/BaseCryptLib: Clean up checking of PKCS#7 contents type

Use the new OBJ_get0_data() accessor to compare the data, and actually
check the length of the object too.

(Sync patch r18702 from main trunk.)

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@19559 6f19259b-4bc3-4df7-8a09-765794883524

1 files changed, 4 insertions, 3 deletions

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
index 9e933558e6..857281d75f 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
@@ -77,7 +77,7 @@ AuthenticodeVerify (
   UINT8        *SpcIndirectDataContent;

   UINT8        Asn1Byte;

   UINTN        ContentSize;

-  UINT8        *SpcIndirectDataOid;

+  CONST UINT8  *SpcIndirectDataOid;

 

   //

   // Check input parameters.

@@ -115,8 +115,9 @@ AuthenticodeVerify (
   //       some authenticode-specific structure. Use opaque ASN.1 string to retrieve

   //       PKCS#7 ContentInfo here.

   //

-  SpcIndirectDataOid = (UINT8 *)(Pkcs7->d.sign->contents->type->data);

-  if (CompareMem (

+  SpcIndirectDataOid = OBJ_get0_data(Pkcs7->d.sign->contents->type);

+  if (OBJ_length(Pkcs7->d.sign->contents->type) != sizeof(mSpcIndirectOidValue) ||

+      CompareMem (

         SpcIndirectDataOid,

         mSpcIndirectOidValue,

         sizeof (mSpcIndirectOidValue)