From 12373f2cfedc4ba1d4bf3c1c3ce1fda31cb17a0d Mon Sep 17 00:00:00 2001
From: sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>
Date: Wed, 4 Jul 2012 04:39:18 +0000
Subject: [PATCH] Fix a buffer overflow bug in VariableSmm driver.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Zhang Chao <chao.b.zhang@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13486 6f19259b-4bc3-4df7-8a09-765794883524
---
 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c
index 944394bef1..37b6f11839 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c
@@ -290,7 +290,7 @@ SmmVariableGetStatistics (
   }
 
   StatisticsInfoSize = sizeof (VARIABLE_INFO_ENTRY) + StrSize (VariableInfo->Name);
-  if (*InfoSize < sizeof (VARIABLE_INFO_ENTRY)) {
+  if (*InfoSize < StatisticsInfoSize) {
     *InfoSize = StatisticsInfoSize;
     return EFI_BUFFER_TOO_SMALL;
   }