tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/CryptoPkg
History
Long Qin 269f3b5180 CryptoPkg/BaseCryptLib: Fix potential integer overflow issue. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1275

The LookupFreeMemRegion() in RuntimeMemAllocate.c is used to look-up
free memory region for runtime resource allocation, which was designed
to support runtime authenticated variable service.
The ReqPages in this function is the required pages to be allocated,
which depends on the malloc() call in internal OpenSSL routines. The
direct offset subtractions on ReqPages may bring possible integer
overflow issue.

This patch is to add the extra parameter checks to remove this possible
overflow risk.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
 		2018-10-31 11:07:53 +08:00
..
Include/Library CryptoPkg: Removing ipf which is no longer supported from edk2. 2018-09-25 23:40:41 +08:00
Library CryptoPkg/BaseCryptLib: Fix potential integer overflow issue. 2018-10-31 11:07:53 +08:00
CryptoPkg.dec CryptoPkg: Removing ipf which is no longer supported from edk2. 2018-09-25 23:40:41 +08:00
CryptoPkg.dsc CryptoPkg: Removing ipf which is no longer supported from edk2. 2018-09-25 23:40:41 +08:00
CryptoPkg.uni CryptoPkg: Clean up source files 2018-06-28 11:19:40 +08:00
CryptoPkgExtra.uni CryptoPkg: Clean up source files 2018-06-28 11:19:40 +08:00