Revision: 14531
http://sourceforge.net/p/edk2/code/14531
Author: gdong1
Date: 2013-08-08 02:41:37 +0000 (Thu, 08 Aug 2013)
Log Message:
-----------
Checks the length of the file name to avoid illegal access.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Ching-Pang Lin <[email protected]>
Reviewed-by: Jordan Justen <[email protected]>
Reviewed-by: Guo Dong <[email protected]>
Modified Paths:
--------------
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
Modified:
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
===================================================================
---
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-08-07 11:28:15 UTC (rev 14530)
+++
trunk/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
2013-08-08 02:41:37 UTC (rev 14531)
@@ -399,6 +399,7 @@
UINTN DataSize;
EFI_SIGNATURE_LIST *PkCert;
UINT16* FilePostFix;
+ UINTN NameLength;
if (Private->FileContext->FileName == NULL) {
return EFI_INVALID_PARAMETER;
@@ -414,7 +415,11 @@
//
// Parse the file's postfix. Only support DER encoded X.509 certificate
files.
//
- FilePostFix = Private->FileContext->FileName + StrLen
(Private->FileContext->FileName) - 4;
+ NameLength = StrLen (Private->FileContext->FileName);
+ if (NameLength <= 4) {
+ return EFI_INVALID_PARAMETER;
+ }
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;
if (!IsDerEncodeCertificate(FilePostFix)) {
DEBUG ((EFI_D_ERROR, "Unsupported file type, only DER encoded certificate
(%s) is supported.", mSupportX509Suffix));
return EFI_INVALID_PARAMETER;
@@ -803,6 +808,7 @@
{
UINT16* FilePostFix;
EFI_STATUS Status;
+ UINTN NameLength;
if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID ==
NULL)) {
return EFI_INVALID_PARAMETER;
@@ -817,7 +823,11 @@
// Parse the file's postfix. Supports DER-encoded X509 certificate,
// and .pbk as RSA public key file.
//
- FilePostFix = Private->FileContext->FileName + StrLen
(Private->FileContext->FileName) - 4;
+ NameLength = StrLen (Private->FileContext->FileName);
+ if (NameLength <= 4) {
+ return EFI_INVALID_PARAMETER;
+ }
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;
if (IsDerEncodeCertificate(FilePostFix)) {
return EnrollX509ToKek (Private);
} else if (CompareMem (FilePostFix, L".pbk",4) == 0) {
@@ -1551,6 +1561,7 @@
{
UINT16* FilePostFix;
EFI_STATUS Status;
+ UINTN NameLength;
if ((Private->FileContext->FileName == NULL) ||
(Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {
return EFI_INVALID_PARAMETER;
@@ -1564,7 +1575,11 @@
//
// Parse the file's postfix.
//
- FilePostFix = Private->FileContext->FileName + StrLen
(Private->FileContext->FileName) - 4;
+ NameLength = StrLen (Private->FileContext->FileName);
+ if (NameLength <= 4) {
+ return EFI_INVALID_PARAMETER;
+ }
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;
if (IsDerEncodeCertificate(FilePostFix)) {
//
// Supports DER-encoded X509 certificate.
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
