summaryrefslogtreecommitdiffstats
path: root/CryptoPkg
diff options
context:
space:
mode:
authorQin Long <qin.long@intel.com>2017-03-31 22:12:45 +0800
committerQin Long <qin.long@intel.com>2017-04-07 00:28:56 +0800
commit7c410b3d4180087020c7734bf67cdc4ad9fdb136 (patch)
treecfd941bc44ea0248b357bc4e6126f1f5fe9f86e1 /CryptoPkg
parent5d7a1d63c0fa53d411a06c6f03de939c1cc26da2 (diff)
downloadedk2-7c410b3d4180087020c7734bf67cdc4ad9fdb136.tar.gz
edk2-7c410b3d4180087020c7734bf67cdc4ad9fdb136.tar.bz2
edk2-7c410b3d4180087020c7734bf67cdc4ad9fdb136.zip
CryptoPkg/BaseCryptLib: Adding NULL checking in time() wrapper.
There are some explicit time(NULL) calls in openssl-1.1.0xx source, but the dummy time() wrapper in ConstantTimeClock.c (used by PEI and SMM module) has no any checks on NULL parameter. This is one bug and will cause the memory access issue. This patch adds the NULL parameter checking in time() wrapper. Cc: Ting Ye <ting.ye@intel.com> Cc: Eric Dong <eric.dong@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Diffstat (limited to 'CryptoPkg')
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c b/CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c
index 7f20164999..0cd90434ca 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c
@@ -31,8 +31,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
time_t time (time_t *timer)
{
- *timer = 0;
- return *timer;
+ if (timer != NULL) {
+ *timer = 0;
+ }
+ return 0;
}
struct tm * gmtime (const time_t *timer)