Fix several issues in BaseCryptLib:

1. Add input length check for several APIs in BaseCryptLib.
2. Add return status check when calling OpensslLib functions
3. Adjust BaseCryptLib API to match description of wrapped OpensslLib API.
4. Update INF file to add missed RuntimeServicesTableLib.
5. Fix return status issue of APIs in CryptX509.c that incorrect when error occurs.

Signed-off-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13579 6f19259b-4bc3-4df7-8a09-765794883524

1 files changed, 5 insertions, 1 deletions

diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c
index 881141cd08..dcc1853f13 100644
--- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c
+++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c
@@ -41,6 +41,10 @@ RandomSeed (
 {

   CHAR8  DefaultSeed[128];

 

+  if (SeedSize > INT_MAX) {

+    return FALSE;

+  }

+

   //

   // Seed the pseudorandom number generator with user-supplied value.

   // NOTE: A cryptographic PRNG must be seeded with unpredictable data.

@@ -86,7 +90,7 @@ RandomBytes (
   //

   // Check input parameters.

   //

-  if (Output == NULL) {

+  if (Output == NULL || Size > INT_MAX) {

     return FALSE;

   }