tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CryptoPkg/BaseCryptLib: Clean up checking of PKCS#7 contents type 

Use the new OBJ_get0_data() accessor to compare the data, and actually
check the length of the object too.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18702 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
David Woodhouse 2015-10-29 14:16:37 +00:00 committed by qlong
parent 338bfd970a
commit e6eaada468
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
View File

@ -77,7 +77,7 @@ AuthenticodeVerify (
UINT8 *SpcIndirectDataContent;
UINT8 Asn1Byte;
UINTN ContentSize;
UINT8 *SpcIndirectDataOid;
CONST UINT8 *SpcIndirectDataOid;
//
// Check input parameters.
@ -115,8 +115,9 @@ AuthenticodeVerify (
// some authenticode-specific structure. Use opaque ASN.1 string to retrieve
// PKCS#7 ContentInfo here.
//
SpcIndirectDataOid = (UINT8 *)(Pkcs7->d.sign->contents->type->data);
if (CompareMem (
SpcIndirectDataOid = OBJ_get0_data(Pkcs7->d.sign->contents->type);
if (OBJ_length(Pkcs7->d.sign->contents->type) != sizeof(mSpcIndirectOidValue) ||
CompareMem (
SpcIndirectDataOid,
mSpcIndirectOidValue,
sizeof (mSpcIndirectOidValue)