From: Qin Long To: chao.b.zhang@intel.com Date: Wed, 3 May 2017 17:28:50 +0800 Message-Id: <20170503092850.8460-1-qin.long@intel.com> Subject: [edk2] [Patch] SecurityPkg/Pkcs7VerifyDxe: Add format check in DB list contents Cc: edk2-devel@lists.01.org Add the size check for invalid format detection in AllowedDb, RevokedDb and TimeStampDb list contents. Cc: Chao Zhang Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long Reviewed-by: Chao Zhang --- .../Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c | 66 ++++++++++++++++++= ++-- 1 file changed, 60 insertions(+), 6 deletions(-) diff --git a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c b/Secu= rityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c index 07fdf552be..3776f903d4 100644 --- a/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c +++ b/SecurityPkg/Pkcs7Verify/Pkcs7VerifyDxe/Pkcs7VerifyDxe.c @@ -5,7 +5,7 @@ verify data signed using PKCS7 structure. The PKCS7 data to be verified = must be ASN.1 (DER) encoded. =20 -Copyright (c) 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD = License which accompanies this distribution. The full text of the license may be = found at @@ -801,11 +801,13 @@ VerifyBuffer ( IN OUT UINTN *ContentSize ) { - EFI_STATUS Status; - UINT8 *AttachedData; - UINTN AttachedDataSize; - UINT8 *DataPtr; - UINTN DataSize; + EFI_STATUS Status; + EFI_SIGNATURE_LIST *SigList; + UINTN Index; + UINT8 *AttachedData; + UINTN AttachedDataSize; + UINT8 *DataPtr; + UINTN DataSize; =20 // // Parameters Checking 
@@ -818,6 +820,58 @@ VerifyBuffer ( } =20 // + // Check if any invalid entry format in AllowedDb list contents + // + for (Index =3D 0; ; Index++) { + SigList =3D (EFI_SIGNATURE_LIST *)(AllowedDb[Index]); + + if (SigList =3D=3D NULL) { + break; + } + if (SigList->SignatureListSize < sizeof (EFI_SIGNATURE_LIST) + + SigList->SignatureHeaderSize + + SigList->SignatureSize) { + return EFI_ABORTED; + } + } + + // + // Check if any invalid entry format in RevokedDb list contents + // + if (RevokedDb !=3D NULL) { + for (Index =3D 0; ; Index++) { + SigList =3D (EFI_SIGNATURE_LIST *)(RevokedDb[Index]); + + if (SigList =3D=3D NULL) { + break; + } + if (SigList->SignatureListSize < sizeof (EFI_SIGNATURE_LIST) + + SigList->SignatureHeaderSize + + SigList->SignatureSize) { + return EFI_ABORTED; + } + } + } + + // + // Check if any invalid entry format in TimeStampDb list contents + // + if (TimeStampDb !=3D NULL) { + for (Index =3D 0; ; Index++) { + SigList =3D (EFI_SIGNATURE_LIST *)(TimeStampDb[Index]); + + if (SigList =3D=3D NULL) { + break; + } + if (SigList->SignatureListSize < sizeof (EFI_SIGNATURE_LIST) + + SigList->SignatureHeaderSize + + SigList->SignatureSize) { + return EFI_ABORTED; + } + } + } + + // + // Try to retrieve the attached content from PKCS7 signedData // AttachedData =3D NULL; --=20 2.12.2.windows.1
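Review bot: in the @@ -818,6 +820,58 @@ hunk of VerifyBuffer, the test "SigList->SignatureListSize < sizeof (EFI_SIGNATURE_LIST) + SigList->SignatureHeaderSize + SigList->SignatureSize" adds two 32-bit values read from the caller's list before comparing, so on a build where UINTN is 32 bits the sum can wrap and a list with an oversized SignatureHeaderSize or SignatureSize passes the check. Suggest comparing by subtraction instead: first reject SignatureListSize < sizeof (EFI_SIGNATURE_LIST), then compare the remainder against SignatureHeaderSize, then what is left against SignatureSize. A list with SignatureSize equal to 0 also passes as written, and any later walk of the entries that divides by or steps by SignatureSize would need that rejected here. The AllowedDb loop dereferences AllowedDb[Index] without the "!= NULL" guard that the RevokedDb and TimeStampDb loops have, so it relies on the parameter check above the hunk having already rejected a NULL AllowedDb; please confirm that. The loop body is identical in all three copies, so a single static helper taking the EFI_SIGNATURE_LIST ** array would keep the tightened test in one place, and the new EFI_ABORTED return should be listed in the function header comment, which this patch does not touch.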