sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764

Browse Source 
This commit contains the patch files and tests for DxeTpmMeasureBootLib
CVE 2022-36764.

Cc: Jiewen Yao <jiewen.yao@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
This commit is contained in:
Douglas Flick [MSFT]
2024-01-12 02:16:05 +08:00
committed by mergify[bot]
parent c7b2794421
commit 0d341c01ee
4 changed files with 168 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
View File

@ -17,6 +17,7 @@
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
Copyright (c) Microsoft Corporation.<BR>
Copyright (c) Microsoft Corporation.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@ -345,18 +346,22 @@ TcgMeasurePeImage (
ImageLoad = NULL;
SectionHeader = NULL;
Sha1Ctx = NULL;
TcgEvent = NULL;
FilePathSize = (UINT32)GetDevicePathSize (FilePath);
//
// Determine destination PCR by BootPolicy
//
EventSize = sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
TcgEvent = AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT));
Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
if (EFI_ERROR (Status)) {
return EFI_UNSUPPORTED;
}
TcgEvent = AllocateZeroPool (EventSize);
if (TcgEvent == NULL) {
return EFI_OUT_OF_RESOURCES;
}
TcgEvent->EventSize = EventSize;
TcgEvent->EventSize = EventSize - sizeof (TCG_PCR_EVENT_HDR);
ImageLoad = (EFI_IMAGE_LOAD_EVENT *)TcgEvent->Event;
switch (ImageType) {