CryptoPkg/BaseCryptLib: Fix potential integer overflow issue. - edk2 - Cross-platform firmware development environment

diff options

author	Long Qin <qin.long@intel.com>	2018-10-24 21:16:42 +0800
committer	Long Qin <qin.long@intel.com>	2018-10-31 11:07:53 +0800
commit	269f3b51803685eb3f4f4cd4415dc833d375efba (patch)
tree	887217b1784fdccad65d02cd3173bd2cb96126cf /BaseTools/Source/Python/GenFds/RuleComplexFile.py
parent	beabfd5800515e0a51fc2461671514adc0cef584 (diff)
download	edk2-269f3b51803685eb3f4f4cd4415dc833d375efba.tar.gz edk2-269f3b51803685eb3f4f4cd4415dc833d375efba.tar.bz2 edk2-269f3b51803685eb3f4f4cd4415dc833d375efba.zip

CryptoPkg/BaseCryptLib: Fix potential integer overflow issue.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1275 The LookupFreeMemRegion() in RuntimeMemAllocate.c is used to look-up free memory region for runtime resource allocation, which was designed to support runtime authenticated variable service. The ReqPages in this function is the required pages to be allocated, which depends on the malloc() call in internal OpenSSL routines. The direct offset subtractions on ReqPages may bring possible integer overflow issue. This patch is to add the extra parameter checks to remove this possible overflow risk. Cc: Ye Ting <ting.ye@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Long Qin <qin.long@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>

Diffstat (limited to 'BaseTools/Source/Python/GenFds/RuleComplexFile.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: