From 2067d9f8bfdf172a5eab4d1abfe8b4ba8c5195d5 Mon Sep 17 00:00:00 2001
From: "Zhang, Chao B" <chao.b.zhang@intel.com>
Date: Mon, 15 Jan 2018 09:50:38 +0800
Subject: [PATCH] CrptoPkg/BaseCryptLib: Fix type mismatch when calling OpenSSL
 function

Type definition in UEFI & OpeenSSL is different. Sometime it could cause
write overflow. Should use same data type when accessing the same region

Cc: Long Qin <qin.long@intel.com>
Cc: Chen Chen <chen.a.chen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index bf7c4ccd42..56e66308ae 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -644,8 +644,8 @@ X509GetTBSCert (
   )
 {
   CONST UINT8  *Temp;
-  INTN         Asn1Tag;
-  INTN         ObjClass;
+  UINT32       Asn1Tag;
+  UINT32       ObjClass;
   UINTN        Length;
 
   //
@@ -673,7 +673,8 @@ X509GetTBSCert (
   // So we can just ASN1-parse the x.509 DER-encoded data. If we strip
   // the first SEQUENCE, the second SEQUENCE is the TBSCertificate.
   //
-  Temp = Cert;
+  Temp   = Cert;
+  Length = 0;
   ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);
 
   if (Asn1Tag != V_ASN1_SEQUENCE) {