Revision: 16220
http://sourceforge.net/p/edk2/code/16220
Author: czhang46
Date: 2014-10-21 00:35:49 +0000 (Tue, 21 Oct 2014)
Log Message:
-----------
Add PubKey index check before touching PubKey cache. Internal PubKey Variable
PubkeyIndex is always 0, causing Index ?\226?\128?\147 1 overflow. Update
corresponding comments.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao, Zhang <[email protected]>
Reviewed-by: Dong, Guo <[email protected]>
Reviewed-by: Fu, Siyuan <[email protected]>
Modified Paths:
--------------
trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
Modified: trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
===================================================================
--- trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2014-10-15 14:15:21 UTC (rev 16219)
+++ trunk/edk2/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
2014-10-21 00:35:49 UTC (rev 16220)
@@ -1410,9 +1410,11 @@
if (!IsFirstTime) {
//
- // Check input PubKey.
+ // 2 cases need to check here
+ // 1. Internal PubKey variable. PubKeyIndex is always 0
+ // 2. Other counter-based AuthVariable. Check input PubKey.
//
- if (CompareMem (PubKey, mPubKeyStore + (KeyIndex - 1) *
EFI_CERT_TYPE_RSA2048_SIZE, EFI_CERT_TYPE_RSA2048_SIZE) != 0) {
+ if (KeyIndex == 0 || CompareMem (PubKey, mPubKeyStore + (KeyIndex - 1) *
EFI_CERT_TYPE_RSA2048_SIZE, EFI_CERT_TYPE_RSA2048_SIZE) != 0) {
return EFI_SECURITY_VIOLATION;
}
//
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://p.sf.net/sfu/Zoho
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
