1. Patchew
  2. EDK2
  3. View series

[edk2-devel] [PATCH] SecurityPkg/RngDxe: Add ASSERT for array Ek

Zhang, Shenglei posted 1 patch 4 years, 4 months ago
Failed in applying to current master (apply log)
SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c | 2 ++
SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h | 2 ++
2 files changed, 4 insertions(+)
[edk2-devel] [PATCH] SecurityPkg/RngDxe: Add ASSERT for array Ek
Posted by Zhang, Shenglei 4 years, 4 months ago 
Add ASSERT for Ek to ensure things out of EK would not
be visited.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
---
 SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c | 2 ++
 SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
index 66edaf10c468..6c99ec83e822 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
@@ -160,6 +160,7 @@ AesExpandKey (
   // Initialize the encryption key scheduler
   //
   for (Index2 = Nk, Index3 = 0; Index2 < Nw; Index2 += Nk, Index3++) {
+    ASSERT(Index2 < sizeof(Ek)/sizeof(Ek[0]));
     Temp       = Ek[Index2 - 1];
     Ek[Index2] = Ek[Index2 - Nk] ^ (AES_FT2((Temp >> 16) & 0xFF) & 0xFF000000) ^
                                    (AES_FT3((Temp >>  8) & 0xFF) & 0x00FF0000) ^
@@ -181,6 +182,7 @@ AesExpandKey (
         Ek [Index1 + Index2] = Ek[Index1 + Index2 - Nk] ^ Ek[Index1 + Index2 - 1];
       }
       if (Index2 + 4 < Nw) {
+        ASSERT((Index2 +4) < sizeof(Ek)/sizeof(Ek[0]));
         Temp           = Ek[Index2 + 3];
         Ek[Index2 + 4] = Ek[Index2 + 4 - Nk] ^ (AES_FT2((Temp >> 24) & 0xFF) & 0xFF000000) ^
                                                (AES_FT3((Temp >> 16) & 0xFF) & 0x00FF0000) ^
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
index e07f90050ac3..40d6b13d2b81 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
@@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #ifndef __AES_CORE_H__
 #define __AES_CORE_H__
 
+#include <Library/DebugLib.h>
+
 /**
   Encrypts one single block data (128 bits) with AES algorithm.
 
-- 
2.18.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#51806): https://edk2.groups.io/g/devel/message/51806
Mute This Topic: https://groups.io/mt/67403436/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.