[edk2] [Patch] SecurityPkg: Fix wrong cert data measurement in DBX path

Zhang, Chao B Mon, 08 Jun 2015 19:14:09 -0700

Fix wrong cert data measurement when image is rejected by DBX

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


diff --git 
a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c 
b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 9a61723..d7e286b 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1294,7 +1294,7 @@ IsForbiddenByDbx (
                         mImageDigestSize
                         );
         if (IsForbidden) {
-          SecureBootHook (EFI_IMAGE_SECURITY_DATABASE1, 
&gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, Cert);
+          SecureBootHook (EFI_IMAGE_SECURITY_DATABASE1, 
&gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, CertData);
           goto Done;
         }
 
-- 
1.9.5.msysgit.1


------------------------------------------------------------------------------
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel

[edk2] [Patch] SecurityPkg: Fix wrong cert data measurement in DBX path

Reply via email to