diff options
| author | Qin Long <qin.long@intel.com> | 2015-06-16 00:54:16 +0000 |
|---|---|---|
| committer | qlong <qlong@Edk2> | 2015-06-16 00:54:16 +0000 |
| commit | 1463ce18ca7c4f971c08cc6341dbb0adb25c831a (patch) | |
| tree | dc297d4eaf3ff5330ce62be72eadaa25bf755b14 /CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | |
| parent | 73c54a58232b419906e9494a79c2c5eb71919caf (diff) | |
| download | edk2-1463ce18ca7c4f971c08cc6341dbb0adb25c831a.tar.gz edk2-1463ce18ca7c4f971c08cc6341dbb0adb25c831a.tar.bz2 edk2-1463ce18ca7c4f971c08cc6341dbb0adb25c831a.zip | |
CryptoPkg: Wrapper files updates to support openssl-1.0.2c
This patch updates some support header and wrapper files to support
openssl-1.0.2c build, and correct some openssl API usages and
boundary check.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17635 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c')
| -rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 29efc42b02..02851d5701 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -1,7 +1,7 @@ /** @file
X.509 Certificate Handler Wrapper Implementation over OpenSSL.
-Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -38,7 +38,8 @@ X509ConstructCertificate ( OUT UINT8 **SingleX509Cert
)
{
- X509 *X509Cert;
+ X509 *X509Cert;
+ CONST UINT8 *Temp;
//
// Check input parameters.
@@ -50,7 +51,8 @@ X509ConstructCertificate ( //
// Read DER-encoded X509 Certificate and Construct X509 object.
//
- X509Cert = d2i_X509 (NULL, &Cert, (long) CertSize);
+ Temp = Cert;
+ X509Cert = d2i_X509 (NULL, &Temp, (long) CertSize);
if (X509Cert == NULL) {
return FALSE;
}
@@ -123,6 +125,9 @@ X509ConstructCertificateStack ( }
CertSize = VA_ARG (Args, UINTN);
+ if (CertSize == 0) {
+ break;
+ }
//
// Construct X509 Object from the given DER-encoded certificate data.
@@ -133,7 +138,9 @@ X509ConstructCertificateStack ( (UINT8 **) &X509Cert
);
if (!Status) {
- X509_free (X509Cert);
+ if (X509Cert != NULL) {
+ X509_free (X509Cert);
+ }
break;
}
@@ -518,7 +525,8 @@ X509GetTBSCert ( //
// Check input parameters.
//
- if ((Cert == NULL) || (TBSCert == NULL) || (TBSCertSize == NULL)) {
+ if ((Cert == NULL) || (TBSCert == NULL) ||
+ (TBSCertSize == NULL) || (CertSize > INT_MAX)) {
return FALSE;
}
|