diff options
author | Jian J Wang <jian.j.wang@intel.com> | 2019-09-17 11:04:33 +0800 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-02-19 14:08:23 +0000 |
commit | 5cd8be6079ea7e5638903b2f3da0f4c10ec7f1da (patch) | |
tree | 4e8af341c2fa4b4fd5635307e015c7dbea872285 | |
parent | a83dbf008cc73406cbdc0d5ac3164cc19fff6683 (diff) | |
download | edk2-5cd8be6079ea7e5638903b2f3da0f4c10ec7f1da.tar.gz edk2-5cd8be6079ea7e5638903b2f3da0f4c10ec7f1da.tar.bz2 edk2-5cd8be6079ea7e5638903b2f3da0f4c10ec7f1da.zip |
SecurityPkg/DxeImageVerificationLib: tighten default result (CVE-2019-14575)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608
All intermediate results inside this function will be checked and
returned immediately upon any failure or error, like out-of-resource,
hash calculation error or certificate retrieval failure.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
-rw-r--r-- | SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 85261ba7f2..470a0d20ef 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -1240,7 +1240,7 @@ IsForbiddenByDbx ( //
// Variable Initialization
//
- IsForbidden = FALSE;
+ IsForbidden = TRUE;
Data = NULL;
CertList = NULL;
CertData = NULL;
@@ -1257,7 +1257,14 @@ IsForbiddenByDbx ( //
DataSize = 0;
Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
+ ASSERT (EFI_ERROR (Status));
if (Status != EFI_BUFFER_TOO_SMALL) {
+ if (Status == EFI_NOT_FOUND) {
+ //
+ // Evidently not in dbx if the database doesn't exist.
+ //
+ IsForbidden = FALSE;
+ }
return IsForbidden;
}
Data = (UINT8 *) AllocateZeroPool (DataSize);
@@ -1374,6 +1381,8 @@ IsForbiddenByDbx ( }
+ IsForbidden = FALSE;
+
Done:
if (Data != NULL) {
FreePool (Data);
|