authorChao, Zhang <chao.b.zhang@intel.com>2014-10-21 00:35:49 +0000
committerczhang46 <czhang46@6f19259b-4bc3-4df7-8a09-765794883524>2014-10-21 00:35:49 +0000
commit8c83d0c0b9bd102cd905c83b2644a543e9711815 (patch)
tree5822b906b762890e3b4abbc488e150161e97f9d9 /SecurityPkg/VariableAuthenticated/RuntimeDxe
parentedb5073413d7b5e60cb69ffd3cb1ccb99decbf6a (diff)
Add PubKey index check before touching PubKey cache. Internal PubKey Variable PubkeyIndex is always 0, causing Index – 1 overflow. Update corresponding comments.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao, Zhang <chao.b.zhang@intel.com> Reviewed-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16220 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/VariableAuthenticated/RuntimeDxe')
-rw-r--r--SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
index 96b1f403c3..49d7648f66 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
@@ -1410,9 +1410,11 @@ ProcessVariable (
if (!IsFirstTime) {
//
- // Check input PubKey.
+ // 2 cases need to check here
+ // 1. Internal PubKey variable. PubKeyIndex is always 0
+ // 2. Other counter-based AuthVariable. Check input PubKey.
//
- if (CompareMem (PubKey, mPubKeyStore + (KeyIndex - 1) * EFI_CERT_TYPE_RSA2048_SIZE, EFI_CERT_TYPE_RSA2048_SIZE) != 0) {
+ if (KeyIndex == 0 || CompareMem (PubKey, mPubKeyStore + (KeyIndex - 1) * EFI_CERT_TYPE_RSA2048_SIZE, EFI_CERT_TYPE_RSA2048_SIZE) != 0) {
return EFI_SECURITY_VIOLATION;
}
//
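Review bot: The new guard on the `CompareMem` line rejects `KeyIndex == 0` but still has no upper bound, so an index larger than the number of keys held in `mPubKeyStore` would make `mPubKeyStore + (KeyIndex - 1) * EFI_CERT_TYPE_RSA2048_SIZE` point past the populated part of the store. KeyIndex is assigned outside this hunk; if it is read from the stored variable header, as the commit message suggests, it should be treated as untrusted data from flash and range-checked on both sides. Assuming the module's stored-key counter is in scope here (`mPubKeyNumber` in this file, to be confirmed), the condition could read `if (KeyIndex == 0 || KeyIndex > mPubKeyNumber || CompareMem (...) != 0) {`. The added comment could also say that case 1 is rejected with `EFI_SECURITY_VIOLATION` rather than compared, since "2 cases need to check here" does not state the outcome. ProcessVariable begins and ends outside the hunk.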