lersek / edk2

Clone
Source Code
GIT

503248c SecurityPkg/DxeImageVerificationLib: extract SecDataDirEnd, SecDataDirLeft

1 file Authored by lersek 3 years ago, Committed by mergify[bot] 3 years ago,
raw patch tree parent
1 file changed. 8 lines added. 4 lines removed.
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
file modified
+8 -4 
    SecurityPkg/DxeImageVerificationLib: extract SecDataDirEnd, SecDataDirLeft
    
    The following two quantities:
    
      SecDataDir->VirtualAddress + SecDataDir->Size
      SecDataDir->VirtualAddress + SecDataDir->Size - OffSet
    
    are used multiple times in DxeImageVerificationHandler(). Introduce helper
    variables for them: "SecDataDirEnd" and "SecDataDirLeft", respectively.
    This saves us multiple calculations and significantly simplifies the code.
    
    Note that all three summands above have type UINT32, therefore the new
    variables are also of type UINT32.
    
    This patch does not change behavior.
    
    (Note that the code already handles the case when the
    
      SecDataDir->VirtualAddress + SecDataDir->Size
    
    UINT32 addition overflows -- namely, in that case, the certificate loop is
    never entered, and the corruption check right after the loop fires.)
    
    Cc: Jian J Wang <jian.j.wang@intel.com>
    Cc: Jiewen Yao <jiewen.yao@intel.com>
    Cc: Min Xu <min.m.xu@intel.com>
    Cc: Wenyi Xie <xiewenyi2@huawei.com>
    Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
    Signed-off-by: Laszlo Ersek <lersek@redhat.com>
    Message-Id: <20200901091221.20948-2-lersek@redhat.com>
    Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
    Tested-by: Wenyi Xie <xiewenyi2@huawei.com>
    Reviewed-by: Min M Xu <min.m.xu@intel.com>
    Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
file modified
+8 -4
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.