mirror of https://github.com/acidanthera/audk.git
269f3b5180
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1275 The LookupFreeMemRegion() in RuntimeMemAllocate.c is used to look-up free memory region for runtime resource allocation, which was designed to support runtime authenticated variable service. The ReqPages in this function is the required pages to be allocated, which depends on the malloc() call in internal OpenSSL routines. The direct offset subtractions on ReqPages may bring possible integer overflow issue. This patch is to add the extra parameter checks to remove this possible overflow risk. Cc: Ye Ting <ting.ye@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Long Qin <qin.long@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> |
||
|---|---|---|
| .. | ||
| Cipher | ||
| Hash | ||
| Hmac | ||
| Pem | ||
| Pk | ||
| Rand | ||
| SysCall | ||
| BaseCryptLib.inf | ||
| BaseCryptLib.uni | ||
| InternalCryptLib.h | ||
| PeiCryptLib.inf | ||
| PeiCryptLib.uni | ||
| RuntimeCryptLib.inf | ||
| RuntimeCryptLib.uni | ||
| SmmCryptLib.inf | ||
| SmmCryptLib.uni | ||