From da9e7418daad22aee7b48790c1d1db5d2ede7e58 Mon Sep 17 00:00:00 2001 From: tye1 Date: Fri, 28 Oct 2011 07:41:26 +0000 Subject: 1. Fix build break issue for NOOPT target. 2. Fix potential system hang issue in X509_STORE_CTX_cleanup. 3. Fix potential overflow when convert UINTN to INT. 4. Update Pkcs7Sign() to output stripped PKCS#7 SignedData. 5. Update Pkcs7Verify() to support both wrapped/stripped PKCS#7 SignedData. Signed-off-by: tye Reviewed-by: xdu2 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12593 6f19259b-4bc3-4df7-8a09-765794883524 --- CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c') diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c index 5f93e4af93..0370fd77a5 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c @@ -65,6 +65,10 @@ AuthenticodeVerify ( ASSERT (AuthData != NULL); ASSERT (ImageHash != NULL); + if (DataSize > INT_MAX) { + return FALSE; + } + Status = FALSE; Pkcs7 = NULL; OrigAuthData = AuthData; -- cgit v1.2.3