summaryrefslogtreecommitdiffstats
path: root/CryptoPkg
diff options
context:
space:
mode:
authorQingyu <qingyu.shang@intel.com>2024-05-14 11:16:33 +0800
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2024-05-31 12:24:38 +0000
commit7c584bb04874bb5bad16fcf3996f5a893cc81a1c (patch)
tree4e7663c82eea890683adadb17602a5ece740a525 /CryptoPkg
parent746cc5cc40bef22d606cd22d1feb10d73a7b3d11 (diff)
downloadedk2-7c584bb04874bb5bad16fcf3996f5a893cc81a1c.tar.gz
edk2-7c584bb04874bb5bad16fcf3996f5a893cc81a1c.tar.bz2
edk2-7c584bb04874bb5bad16fcf3996f5a893cc81a1c.zip
CryptoPkg: Fix bug for correct return value checking when get X509Cert
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509 CryptX509.c file has X509GetTBSCert() funtion and it is added Inf variable to collect the return value of ASN1_get_object(), which return 0x80 in error case. Supplement the return value check during the second function call and correct the check logic. Signed-off-by: Qingyu <qingyu.shang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Yi Li <yi1.li@intel.com>
Diffstat (limited to 'CryptoPkg')
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 1182323b63..7ebec9dbad 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
Length = 0;
Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
*TBSCert = (UINT8 *)Temp;
- ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
+ Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
//
// Verify the parsed TBSCertificate is one correct SEQUENCE data.
//
- if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+ if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-03 17:29:36 +0000