tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/MdePkg/Library/DxeRngLib
History
Doug Cook (WINDOWS) fd9501f582 DxeRngLib: GetRandomNumber spurious success 
The GetRandomNumber functions in DxeRngLib can return success without
actually generating a random number. This occurs because there are code
paths through `GenerateRandomNumberViaNist800Algorithm` that do not
initialize the `Status` variable.

- Assume mFirstAlgo == MAX_UINTN (no secure algorithms available)
- Assume none of the secure algorithms have `Available` set.
- Assume PcdEnforceSecureRngAlgorithms is TRUE.

In this condition, the `Status` variable is never initialized, `Buffer`
data is never touched. It is fairly likely that Status is 0, so we can
return EFI_SUCCESS without writing anything to Buffer.

Fix is to set `Status = error_code` in this code path.
`EFI_SECURITY_VIOLATION` seems appropriate.

Signed-off-by: Doug Cook <idigdoug@gmail.com>
 		2024-12-06 15:55:55 +00:00
..
DxeRngLib.c DxeRngLib: GetRandomNumber spurious success 2024-12-06 15:55:55 +00:00
DxeRngLib.inf MdePkg/DxeRngLib: Add gEfiRngAlgorithmArmRndr to the secure algorithms 2024-09-13 14:34:21 +00:00
DxeRngLib.uni