From be02dcee3a28cfd2e340dec5b262657aea5e0655 Mon Sep 17 00:00:00 2001
From: czhang46 <czhang46@6f19259b-4bc3-4df7-8a09-765794883524>
Date: Fri, 17 Aug 2012 07:59:51 +0000
Subject: Fix  TCG protocol PassThroughToTpm() SDL issue

Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by  : Dong Guo <guo.dong@intel.com>
Reviewed-by  : Fu, Siyuan <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13646 6f19259b-4bc3-4df7-8a09-765794883524
---
 SecurityPkg/Tcg/TcgDxe/TcgDxe.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'SecurityPkg/Tcg/TcgDxe/TcgDxe.c')

diff --git a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
index 75c6a8978f..fea59c35b6 100644
--- a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
+++ b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
@@ -1,6 +1,13 @@
 /** @file  
   This module implements TCG EFI Protocol.
-  
+ 
+Caution: This module requires additional review when modified.
+This driver will have external input - TcgDxePassThroughToTpm
+This external input must be validated carefully to avoid security issue like
+buffer overflow, integer overflow.
+
+TcgDxePassThroughToTpm() will receive untrusted input and do basic validation.
+
 Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD License 
@@ -384,6 +391,13 @@ TcgDxePassThroughToTpm (
 {
   TCG_DXE_DATA                      *TcgData;
 
+  if (TpmInputParameterBlock == NULL || 
+      TpmOutputParameterBlock == NULL || 
+      TpmInputParameterBlockSize == 0 ||
+      TpmOutputParameterBlockSize == 0) {
+    return EFI_INVALID_PARAMETER;
+  }
+
   TcgData = TCG_DXE_DATA_FROM_THIS (This);
 
   return TisPcExecute (
-- 
cgit v1.2.3