SecurityPkg/DxeImageVerificationLib: avoid bypass in fetching dbx (CVE-2019-14575) - edk2 - Cross-platform firmware development environment

diff options

author	Jian J Wang <jian.j.wang@intel.com>	2019-10-10 14:28:36 +0800
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2020-02-19 14:08:23 +0000
commit	929d1a24d12822942fd4f9fa83582e27f92de243 (patch)
tree	67ce536e462dafea2962da43b0e2b833049802d9 /BaseTools/Source/Python/Table/Table.py
parent	9e569700901857d0ba418ebdd30b8086b908688c (diff)
download	edk2-929d1a24d12822942fd4f9fa83582e27f92de243.tar.gz edk2-929d1a24d12822942fd4f9fa83582e27f92de243.tar.bz2 edk2-929d1a24d12822942fd4f9fa83582e27f92de243.zip

SecurityPkg/DxeImageVerificationLib: avoid bypass in fetching dbx (CVE-2019-14575)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608 In timestamp check after the cert is found in db, the original code jumps to 'Done' if any error happens in fetching dbx variable. At any of the jump, VerifyStatus equals to TRUE, which means allowed-by-db. This should not be allowed except to EFI_NOT_FOUND case (meaning dbx doesn't exist), because it could be used to bypass timestamp check. This patch add code to change VerifyStatus to FALSE in the case of memory allocation failure and dbx fetching failure to avoid potential bypass issue. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

Diffstat (limited to 'BaseTools/Source/Python/Table/Table.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: