summaryrefslogtreecommitdiff
path: root/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
diff options
context:
space:
mode:
authorQin Long <qin.long@intel.com>2014-11-26 08:21:54 +0000
committerqlong <qlong@Edk2>2014-11-26 08:21:54 +0000
commit2bf41ed7dc20f0f6e13babb136753ff3f91edd21 (patch)
tree704307b6dcdd8260edc6b08218f7e5e8d5d10a4b /SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
parent8cc87d32c65316a98a737bb887ba316b81f8bbf1 (diff)
downloadedk2-platforms-2bf41ed7dc20f0f6e13babb136753ff3f91edd21.tar.xz
Correct the alignment calculation of PE/COFF attribute certificate entry.
This is to resolve the possible certificate entry retrieving issue caused by un-aligned (8-bytes) VirtualAddress in some PE/COFF image, which may break secure boot. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Siyuan Fu <siyuan.fu@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16449 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c')
-rw-r--r--SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 3324dba0af..c3793b9429 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1662,7 +1662,7 @@ DxeImageVerificationHandler (
//
for (OffSet = SecDataDir->VirtualAddress;
OffSet < (SecDataDir->VirtualAddress + SecDataDir->Size);
- OffSet += WinCertificate->dwLength, OffSet += ALIGN_SIZE (OffSet)) {
+ OffSet += (WinCertificate->dwLength + ALIGN_SIZE (WinCertificate->dwLength))) {
WinCertificate = (WIN_CERTIFICATE *) (mImageBase + OffSet);
if ((SecDataDir->VirtualAddress + SecDataDir->Size - OffSet) <= sizeof (WIN_CERTIFICATE) ||
(SecDataDir->VirtualAddress + SecDataDir->Size - OffSet) < WinCertificate->dwLength) {