From 4ef15e6e336325c78eeab67d93fadf1b6d9dfdde Mon Sep 17 00:00:00 2001 From: sfu5 Date: Mon, 28 May 2012 04:51:53 +0000 Subject: Fix a bug in DxeImageVerificationLib to use the correct certificate length when verifying a signed EFI image. Signed-off-by: Fu Siyuan Reviewed-by: Dong Guo Reviewed-by: Ye Ting git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13364 6f19259b-4bc3-4df7-8a09-765794883524 --- SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'SecurityPkg') diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 3e0bbe1ee4..843ca2a92c 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -946,7 +946,7 @@ IsPkcsSignedDataVerifiedBySignatureList ( // VerifyStatus = AuthenticodeVerify ( PkcsCertData->CertData, - mSecDataDir->Size - sizeof(PkcsCertData->Hdr), + PkcsCertData->Hdr.dwLength - sizeof(PkcsCertData->Hdr), RootCert, RootCertSize, mImageDigest, -- cgit v1.2.3