tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add PubKey index check before touching PubKey cache. Internal PubKey Variable PubkeyIndex is always 0, causing Index – 1 overflow. Update corresponding comments. 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao, Zhang <chao.b.zhang@intel.com>
Reviewed-by: Dong, Guo <guo.dong@intel.com>
Reviewed-by: Fu, Siyuan <siyuan.fu@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16220 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Chao, Zhang 2014-10-21 00:35:49 +00:00 committed by czhang46
parent edb5073413
commit 8c83d0c0b9
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
View File

@ -1410,9 +1410,11 @@ ProcessVariable (
if (!IsFirstTime) { if (!IsFirstTime) {
// //
// Check input PubKey. // 2 cases need to check here
// 1. Internal PubKey variable. PubKeyIndex is always 0
// 2. Other counter-based AuthVariable. Check input PubKey.
// //
if (CompareMem (PubKey, mPubKeyStore + (KeyIndex - 1) * EFI_CERT_TYPE_RSA2048_SIZE, EFI_CERT_TYPE_RSA2048_SIZE) != 0) { if (KeyIndex == 0 || CompareMem (PubKey, mPubKeyStore + (KeyIndex - 1) * EFI_CERT_TYPE_RSA2048_SIZE, EFI_CERT_TYPE_RSA2048_SIZE) != 0) {
return EFI_SECURITY_VIOLATION; return EFI_SECURITY_VIOLATION;
} }
// //