diff options
| author | Cohen, Eugene <eugene@hp.com> | 2015-10-19 02:53:22 +0000 |
|---|---|---|
| committer | czhang46 <czhang46@Edk2> | 2015-10-19 02:53:22 +0000 |
| commit | 3a2e6a740dff2dd2978264af17cc26f5b56e6623 (patch) | |
| tree | b6a0fdfaea704ee8af81e7081afa0f281edfbd25 /SecurityPkg | |
| parent | fcb636ea4244cb29d3f6a6d938dd9f7692ecfa7c (diff) | |
| download | edk2-platforms-3a2e6a740dff2dd2978264af17cc26f5b56e6623.tar.xz | |
SecurityPkg : Fix Rsa2048Sha256GuidedSectionExtractLib issue
This issue causes section extraction overrun and possible hang due to bad output size calculation.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Cohen, Eugene" <eugene@hp.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18625 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg')
2 files changed, 4 insertions, 4 deletions
diff --git a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c index 1f7a29904f..5f5d242d6e 100644 --- a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c +++ b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c @@ -86,7 +86,7 @@ Rsa2048Sha256GuidedSectionGetInfo ( //
*SectionAttribute = ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->Attributes;
*ScratchBufferSize = 0;
- *OutputBufferSize = SECTION2_SIZE (InputSection) - ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->DataOffset;
+ *OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION2_HEADER);
} else {
//
// Check whether the input guid section is recognized.
@@ -101,7 +101,7 @@ Rsa2048Sha256GuidedSectionGetInfo ( //
*SectionAttribute = ((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes;
*ScratchBufferSize = 0;
- *OutputBufferSize = SECTION_SIZE (InputSection) - ((EFI_GUID_DEFINED_SECTION *) InputSection)->DataOffset;
+ *OutputBufferSize = SECTION_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION_HEADER);
}
return EFI_SUCCESS;
diff --git a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c index e2a0fb6708..e448164a5a 100644 --- a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c +++ b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c @@ -84,7 +84,7 @@ Rsa2048Sha256GuidedSectionGetInfo ( //
*SectionAttribute = ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->Attributes;
*ScratchBufferSize = 0;
- *OutputBufferSize = SECTION2_SIZE (InputSection) - ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->DataOffset;
+ *OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION2_HEADER);
} else {
//
// Check whether the input guid section is recognized.
@@ -99,7 +99,7 @@ Rsa2048Sha256GuidedSectionGetInfo ( //
*SectionAttribute = ((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes;
*ScratchBufferSize = 0;
- *OutputBufferSize = SECTION_SIZE (InputSection) - ((EFI_GUID_DEFINED_SECTION *) InputSection)->DataOffset;
+ *OutputBufferSize = SECTION_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION_HEADER);
}
return EFI_SUCCESS;
|