diff options
| author | Laszlo Ersek <lersek@redhat.com> | 2017-10-17 20:54:00 +0200 |
|---|---|---|
| committer | Laszlo Ersek <lersek@redhat.com> | 2017-10-17 21:46:21 +0200 |
| commit | 11b74aa4724af1fea95e1b28a6bf605ed22df28f (patch) | |
| tree | 0193a78ffd2f9fc29926aa8551fce8063ffc56e5 /SecurityPkg/Library | |
| parent | 6041ac65ae879389f3ab5c0699f916d3e71c97fe (diff) | |
| download | edk2-11b74aa4724af1fea95e1b28a6bf605ed22df28f.tar.gz edk2-11b74aa4724af1fea95e1b28a6bf605ed22df28f.tar.bz2 edk2-11b74aa4724af1fea95e1b28a6bf605ed22df28f.zip | |
SecurityPkg/AuthVariableLib: fix GCC build error
Commit 53c6ff180327 ("SecurityPkg:AuthVariableLib:Implement ECR1707 for
Private Auth Variable", 2017-09-12) introduced the following build
failure under several GCC toolchain versions:
> SecurityPkg/Library/AuthVariableLib/AuthService.c: In function
> 'CalculatePrivAuthVarSignChainSHA256Digest':
> SecurityPkg/Library/AuthVariableLib/AuthService.c:1567:58: error:
> pointer targets in passing argument 3 of 'X509GetCommonName' differ in
> signedness [-Werror=pointer-sign]
> Status = X509GetCommonName(SignerCert, SignerCertSize, CertCommonName, &CertCommonNameSize);
> ^~~~~~~~~~~~~~
> In file included from
> SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h:34:0,
> from
> SecurityPkg/Library/AuthVariableLib/AuthService.c:32:
> CryptoPkg/Include/Library/BaseCryptLib.h:2202:1: note: expected 'CHAR8 *
> {aka char *}' but argument is of type 'UINT8 * {aka unsigned char *}'
> X509GetCommonName (
> ^~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
Fix it by changing the type of "CertCommonName" to array-of-CHAR8.
Locations where "CertCommonName" is used in the
CalculatePrivAuthVarSignChainSHA256Digest() function:
- it is taken the size of -- not impacted by this patch;
- passed to X509GetCommonName() as an argument -- the patch fixes the
build error;
- passed to Sha256Update() as argument for "IN CONST VOID *Data" -- not
impacted by the patch;
- passed to AsciiStrLen() as argument -- drop the now-superfluous explicit
cast.
Since we are touching the Sha256Update() function call, fix the coding
style too:
- the line is overlong, so break each argument to its own line;
- insert a space between "AsciiStrLen" and the opening paren "(".
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Gary Lin <glin@suse.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Long Qin <qin.long@intel.com>
Reported-by: Gary Lin <glin@suse.com>
Suggested-by: Gary Lin <glin@suse.com>
Suggested-by: Long Qin <qin.long@intel.com>
Fixes: 53c6ff18032737fabb644a9e0c781d91a6830248
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Diffstat (limited to 'SecurityPkg/Library')
| -rw-r--r-- | SecurityPkg/Library/AuthVariableLib/AuthService.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPkg/Library/AuthVariableLib/AuthService.c index 7188ff6008..2966811fa7 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -1554,7 +1554,7 @@ CalculatePrivAuthVarSignChainSHA256Digest( {
UINT8 *TbsCert;
UINTN TbsCertSize;
- UINT8 CertCommonName[128];
+ CHAR8 CertCommonName[128];
UINTN CertCommonNameSize;
BOOLEAN CryptoStatus;
EFI_STATUS Status;
@@ -1590,7 +1590,11 @@ CalculatePrivAuthVarSignChainSHA256Digest( //
// '\0' is forced in CertCommonName. No overflow issue
//
- CryptoStatus = Sha256Update (mHashCtx, CertCommonName, AsciiStrLen((CHAR8 *)CertCommonName));
+ CryptoStatus = Sha256Update (
+ mHashCtx,
+ CertCommonName,
+ AsciiStrLen (CertCommonName)
+ );
if (!CryptoStatus) {
return EFI_ABORTED;
}
|