Add comments to clarify mPubKeyStore buffer MemCopy. There is no memory overflow issue.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao, Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao, Jiewen <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16227 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Chao, Zhang
2014-10-22 07:30:22 +00:00
committed by czhang46
parent 0414ec24ba
commit 36bdec3cd9
4 changed files with 30 additions and 0 deletions

View File

@@ -2,6 +2,16 @@
The internal header file includes the common header files, defines
internal structure and functions used by AuthService module.
Caution: This module requires additional review when modified.
This driver will have external input - variable data. It may be input in SMM mode.
This external input must be validated carefully to avoid security issue like
buffer overflow, integer overflow.
Variable attribute should also be checked to avoid authentication bypass.
The whole SMM authentication variable design relies on the integrity of flash part and SMM.
which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory
may not be modified without authorization. If platform fails to protect these resources,
the authentication service provided in this driver will be broken, and the behavior is undefined.
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License