Virtualization
/
edk2
mirror of https://gitlab.com/qemu-project/edk2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

CryptoPkg: Fix bug for correct return value checking when get X509Cert 

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509

CryptX509.c file has X509GetTBSCert() funtion and it is added Inf variable
to collect the return value of ASN1_get_object(), which return 0x80 in error
case. Supplement the return value check during the second function call
and correct the check logic.

Signed-off-by: Qingyu <qingyu.shang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Yi Li <yi1.li@intel.com>
This commit is contained in:
Qingyu 2024-05-14 11:16:33 +08:00 committed by mergify[bot]
parent 746cc5cc40
commit 7c584bb048
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
View File

@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0; Length = 0;
Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);
if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE; return FALSE;
} }
*TBSCert = (UINT8 *)Temp; *TBSCert = (UINT8 *)Temp;
ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
// //
// Verify the parsed TBSCertificate is one correct SEQUENCE data. // Verify the parsed TBSCertificate is one correct SEQUENCE data.
// //
if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE; return FALSE;
} }