sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CryptoPkg: Fix conditionally uninitialized variable

Browse Source 
Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Checks the return value from `ASN1_get_object()` to verify values
set by the function are valid.

Note that the function returns literal `0x80`:
    `return (0x80);`

That is used to check the return value is as the case in other areas
of the code.

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
This commit is contained in:
Michael Kubacki
2022-11-08 15:15:31 -05:00
committed by mergify[bot]
parent dbe820d5fa
commit 84d77d9bf5
1 changed files with 12 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
View File

@ -807,6 +807,7 @@ X509GetTBSCert (
UINT32 Asn1Tag; UINT32 Asn1Tag;
UINT32 ObjClass; UINT32 ObjClass;
UINTN Length; UINTN Length;
UINTN Inf;
// //
// Check input parameters. // Check input parameters.
@ -836,9 +837,9 @@ X509GetTBSCert (
// //
Temp = Cert; Temp = Cert;
Length = 0; Length = 0;
ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);
if (Asn1Tag != V_ASN1_SEQUENCE) { if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE; return FALSE;
} }
@ -848,7 +849,7 @@ X509GetTBSCert (
// //
// Verify the parsed TBSCertificate is one correct SEQUENCE data. // Verify the parsed TBSCertificate is one correct SEQUENCE data.
// //
if (Asn1Tag != V_ASN1_SEQUENCE) { if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
return FALSE; return FALSE;
} }
@ -1892,14 +1893,16 @@ Asn1GetTag (
INT32 ObjTag; INT32 ObjTag;
INT32 ObjCls; INT32 ObjCls;
long ObjLength; long ObjLength;
UINT32 Inf;
// //
// Save Ptr position // Save Ptr position
// //
PtrOld = *Ptr; PtrOld = *Ptr;
ASN1_get_object ((CONST UINT8 **)Ptr, &ObjLength, &ObjTag, &ObjCls, (INT32)(End - (*Ptr))); Inf = ASN1_get_object ((CONST UINT8 **)Ptr, &ObjLength, &ObjTag, &ObjCls, (INT32)(End - (*Ptr)));
if ((ObjTag == (INT32)(Tag & CRYPTO_ASN1_TAG_VALUE_MASK)) && if (((Inf & 0x80) == 0x00) &&
(ObjTag == (INT32)(Tag & CRYPTO_ASN1_TAG_VALUE_MASK)) &&
(ObjCls == (INT32)(Tag & CRYPTO_ASN1_TAG_CLASS_MASK))) (ObjCls == (INT32)(Tag & CRYPTO_ASN1_TAG_CLASS_MASK)))
{ {
*Length = (UINTN)ObjLength; *Length = (UINTN)ObjLength;