summaryrefslogtreecommitdiff
path: root/SecurityPkg
diff options
context:
space:
mode:
authorEric Dong <eric.dong@intel.com>2014-06-25 06:00:49 +0000
committerydong10 <ydong10@6f19259b-4bc3-4df7-8a09-765794883524>2014-06-25 06:00:49 +0000
commit1fee5304db562db9f0757af077da100336566cd9 (patch)
tree4341a8e75209dd8714b3cdd01cd6673dba45da85 /SecurityPkg
parent393a3169c2a777e3ed899c85f7827258a13f0755 (diff)
downloadedk2-platforms-1fee5304db562db9f0757af077da100336566cd9.tar.xz
Refine code to make it more safely.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15590 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg')
-rw-r--r--SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c12
-rw-r--r--SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c6
2 files changed, 11 insertions, 7 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 9f2bd68299..0a48ce1628 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -770,22 +770,22 @@ AddImageExeInfo (
//
// Update new item's information.
//
- WriteUnaligned32 ((UINT32 *) &ImageExeInfoEntry->Action, Action);
- WriteUnaligned32 ((UINT32 *) &ImageExeInfoEntry->InfoSize, (UINT32) NewImageExeInfoEntrySize);
+ WriteUnaligned32 ((UINT32 *) ImageExeInfoEntry, Action);
+ WriteUnaligned32 ((UINT32 *) ((UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION)), (UINT32) NewImageExeInfoEntrySize);
if (Name != NULL) {
- CopyMem ((UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32), Name, NameStringLen);
+ CopyMem ((UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION) + sizeof (UINT32), Name, NameStringLen);
} else {
- ZeroMem ((UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32), sizeof (CHAR16));
+ ZeroMem ((UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION) + sizeof (UINT32), sizeof (CHAR16));
}
CopyMem (
- (UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32) + NameStringLen,
+ (UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION) + sizeof (UINT32) + NameStringLen,
DevicePath,
DevicePathSize
);
if (Signature != NULL) {
CopyMem (
- (UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32) + NameStringLen + DevicePathSize,
+ (UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION) + sizeof (UINT32) + NameStringLen + DevicePathSize,
Signature,
SignatureSize
);
diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c
index 38f462628a..45d5cfe3c6 100644
--- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c
+++ b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c
@@ -2,7 +2,7 @@
Implement authentication services for the authenticated variable
service in UEFI2.2.
-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -48,6 +48,8 @@ AutenticatedVariableServiceInitialize (
VARIABLE_HEADER VariableHeader;
BOOLEAN Valid;
+ ZeroMem (&VariableHeader, sizeof (VARIABLE_HEADER));
+
mVariableModuleGlobal->AuthenticatedVariableGuid[Physical] = &gEfiAuthenticatedVariableGuid;
mVariableModuleGlobal->CertRsa2048Sha256Guid[Physical] = &gEfiCertRsa2048Sha256Guid;
mVariableModuleGlobal->ImageSecurityDatabaseGuid[Physical] = &gEfiImageSecurityDatabaseGuid;
@@ -484,6 +486,7 @@ ProcessVarWithPk (
BOOLEAN Valid;
OldPkList = NULL;
+ ZeroMem (&VariableHeader, sizeof (VARIABLE_HEADER));
if ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) {
//
@@ -623,6 +626,7 @@ ProcessVarWithKek (
BOOLEAN Valid;
KekList = NULL;
+ ZeroMem (&VariableHeader, sizeof (VARIABLE_HEADER));
if (mPlatformMode == USER_MODE) {
if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == 0) {