edk2[17981] SecurityPkg: Fix DBX Variable Read Error in ImageVerificationLib

[czhang46]

Revision: 17981
          http://sourceforge.net/p/edk2/code/17981
Author:   czhang46
Date:     2015-07-15 02:13:48 +0000 (Wed, 15 Jul 2015)
Log Message:
-----------
SecurityPkg: Fix DBX Variable Read Error in ImageVerificationLib

ImageVerificationLib passes wrong data buffer size when reading DBX variable, 
causing heap crash.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
Reviewed-by: Qin Long <qin.l...@intel.com>

Modified Paths:
--------------
    
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c

Modified: 
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
===================================================================
--- 
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
    2015-07-15 02:13:22 UTC (rev 17980)
+++ 
trunk/edk2/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
    2015-07-15 02:13:48 UTC (rev 17981)
@@ -1448,7 +1448,7 @@
             if (Status == EFI_BUFFER_TOO_SMALL) {
               goto Done;
             }
-            DbxData = (UINT8 *) AllocateZeroPool (DataSize);
+            DbxData = (UINT8 *) AllocateZeroPool (DbxDataSize);
             if (DbxData == NULL) {
               goto Done;
             }


------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits