tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-04-08 17:05:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

CryptoPkg: Fix bug for correct return value checking when get X509Cert

Browse Source 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509

CryptX509.c file has X509GetTBSCert() funtion and it is added Inf variable
to collect the return value of ASN1_get_object(), which return 0x80 in error
case. Supplement the return value check during the second function call
and correct the check logic.

Signed-off-by: Qingyu <qingyu.shang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Yi Li <yi1.li@intel.com>
This commit is contained in:
Qingyu 2024-05-14 11:16:33 +08:00 committed by mergify[bot]
parent 746cc5cc40
commit 7c584bb048
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
View File

@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0;
Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);
if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
*TBSCert = (UINT8 *)Temp;
ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
//
// Verify the parsed TBSCertificate is one correct SEQUENCE data.
//
if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}