From dda39f3a5850458391aaab330971d46bc9c2b690 Mon Sep 17 00:00:00 2001
From: tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>
Date: Thu, 2 Aug 2012 02:49:24 +0000
Subject: Fix several issues in BaseCryptLib: 1. Add input length check for
 several APIs in BaseCryptLib. 2. Add return status check when calling
 OpensslLib functions 3. Adjust BaseCryptLib API to match description of
 wrapped OpensslLib API. 4. Update INF file to add missed
 RuntimeServicesTableLib. 5. Fix return status issue of APIs in CryptX509.c
 that incorrect when error occurs.

Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13579 6f19259b-4bc3-4df7-8a09-765794883524
---
 CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c  | 12 ++++++++++--
 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c |  4 ++--
 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c | 12 ++++++++++--
 3 files changed, 22 insertions(+), 6 deletions(-)

(limited to 'CryptoPkg/Library/BaseCryptLib/Cipher')

diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
index c8dbb797fa..753d79814f 100644
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
@@ -241,7 +241,11 @@ AesCbcEncrypt (
   //
   // Check input parameters.
   //
-  if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0 || Ivec == NULL || Output == NULL) {
+  if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0) {
+    return FALSE;
+  }
+
+  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
     return FALSE;
   }
 
@@ -299,7 +303,11 @@ AesCbcDecrypt (
   //
   // Check input parameters.
   //
-  if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0 || Ivec == NULL || Output == NULL) {
+  if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0) {
+    return FALSE;
+  }
+
+  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
     return FALSE;
   }
 
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
index 0e5331c20d..f3c4d31a2d 100644
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
@@ -115,7 +115,7 @@ Arc4Encrypt (
   //
   // Check input parameters.
   //
-  if (Arc4Context == NULL || Input == NULL || Output == NULL) {
+  if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
     return FALSE;
   }
 
@@ -161,7 +161,7 @@ Arc4Decrypt (
   //
   // Check input parameters.
   //
-  if (Arc4Context == NULL || Input == NULL || Output == NULL) {
+  if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
     return FALSE;
   }
 
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
index f3a1eb7293..f89094a581 100644
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
@@ -275,7 +275,11 @@ TdesCbcEncrypt (
   //
   // Check input parameters.
   //
-  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0 || Ivec == NULL || Output == NULL) {
+  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) {
+    return FALSE;
+  }
+
+  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
     return FALSE;
   }
 
@@ -339,7 +343,11 @@ TdesCbcDecrypt (
   //
   // Check input parameters.
   //
-  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0 || Ivec == NULL || Output == NULL) {
+  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) {
+    return FALSE;
+  }
+
+  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
     return FALSE;
   }
 
-- 
cgit v1.2.3