diff options
author | Eric Dong <eric.dong@intel.com> | 2014-06-25 06:00:49 +0000 |
---|---|---|
committer | ydong10 <ydong10@6f19259b-4bc3-4df7-8a09-765794883524> | 2014-06-25 06:00:49 +0000 |
commit | 1fee5304db562db9f0757af077da100336566cd9 (patch) | |
tree | 4341a8e75209dd8714b3cdd01cd6673dba45da85 /SecurityPkg | |
parent | 393a3169c2a777e3ed899c85f7827258a13f0755 (diff) | |
download | edk2-platforms-1fee5304db562db9f0757af077da100336566cd9.tar.xz |
Refine code to make it more safely.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15590 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg')
-rw-r--r-- | SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 12 | ||||
-rw-r--r-- | SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c | 6 |
2 files changed, 11 insertions, 7 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 9f2bd68299..0a48ce1628 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -770,22 +770,22 @@ AddImageExeInfo ( //
// Update new item's information.
//
- WriteUnaligned32 ((UINT32 *) &ImageExeInfoEntry->Action, Action);
- WriteUnaligned32 ((UINT32 *) &ImageExeInfoEntry->InfoSize, (UINT32) NewImageExeInfoEntrySize);
+ WriteUnaligned32 ((UINT32 *) ImageExeInfoEntry, Action);
+ WriteUnaligned32 ((UINT32 *) ((UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION)), (UINT32) NewImageExeInfoEntrySize);
if (Name != NULL) {
- CopyMem ((UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32), Name, NameStringLen);
+ CopyMem ((UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION) + sizeof (UINT32), Name, NameStringLen);
} else {
- ZeroMem ((UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32), sizeof (CHAR16));
+ ZeroMem ((UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION) + sizeof (UINT32), sizeof (CHAR16));
}
CopyMem (
- (UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32) + NameStringLen,
+ (UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION) + sizeof (UINT32) + NameStringLen,
DevicePath,
DevicePathSize
);
if (Signature != NULL) {
CopyMem (
- (UINT8 *) &ImageExeInfoEntry->InfoSize + sizeof (UINT32) + NameStringLen + DevicePathSize,
+ (UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION) + sizeof (UINT32) + NameStringLen + DevicePathSize,
Signature,
SignatureSize
);
diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c index 38f462628a..45d5cfe3c6 100644 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c +++ b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c @@ -2,7 +2,7 @@ Implement authentication services for the authenticated variable
service in UEFI2.2.
-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -48,6 +48,8 @@ AutenticatedVariableServiceInitialize ( VARIABLE_HEADER VariableHeader;
BOOLEAN Valid;
+ ZeroMem (&VariableHeader, sizeof (VARIABLE_HEADER));
+
mVariableModuleGlobal->AuthenticatedVariableGuid[Physical] = &gEfiAuthenticatedVariableGuid;
mVariableModuleGlobal->CertRsa2048Sha256Guid[Physical] = &gEfiCertRsa2048Sha256Guid;
mVariableModuleGlobal->ImageSecurityDatabaseGuid[Physical] = &gEfiImageSecurityDatabaseGuid;
@@ -484,6 +486,7 @@ ProcessVarWithPk ( BOOLEAN Valid;
OldPkList = NULL;
+ ZeroMem (&VariableHeader, sizeof (VARIABLE_HEADER));
if ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) {
//
@@ -623,6 +626,7 @@ ProcessVarWithKek ( BOOLEAN Valid;
KekList = NULL;
+ ZeroMem (&VariableHeader, sizeof (VARIABLE_HEADER));
if (mPlatformMode == USER_MODE) {
if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == 0) {
|