mirror of https://github.com/acidanthera/audk.git
dfd3119ab2
When enrolling the certificate from a file, the suffix check function check the last 4 characters to filter out non-DER files. However, if the length of the file name is less than 4, the address prior to the file name will be accessed while it shouldn't. This commit checks the length of the file name to avoid illegal access. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Ching-Pang Lin <glin@suse.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14556 6f19259b-4bc3-4df7-8a09-765794883524 |
||
|---|---|---|
| .. | ||
| SecureBootConfig.vfr | ||
| SecureBootConfigDevicePath.c | ||
| SecureBootConfigDriver.c | ||
| SecureBootConfigDxe.inf | ||
| SecureBootConfigFileExplorer.c | ||
| SecureBootConfigImpl.c | ||
| SecureBootConfigImpl.h | ||
| SecureBootConfigMisc.c | ||
| SecureBootConfigNvData.h | ||
| SecureBootConfigStrings.uni | ||