1. Fix build break issue for NOOPT target.
2. Fix potential system hang issue in X509_STORE_CTX_cleanup. 3. Fix potential overflow when convert UINTN to INT. 4. Update Pkcs7Sign() to output stripped PKCS#7 SignedData. 5. Update Pkcs7Verify() to support both wrapped/stripped PKCS#7 SignedData. Signed-off-by: tye Reviewed-by: xdu2 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12593 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -48,6 +48,10 @@ X509ConstructCertificate (
|
||||
ASSERT (Cert != NULL);
|
||||
ASSERT (SingleX509Cert != NULL);
|
||||
|
||||
if (CertSize > INT_MAX) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
Status = FALSE;
|
||||
|
||||
//
|
||||
@@ -439,6 +443,7 @@ X509VerifyCert (
|
||||
// X509 Certificate Verification.
|
||||
//
|
||||
Status = (BOOLEAN) X509_verify_cert (&CertCtx);
|
||||
X509_STORE_CTX_cleanup (&CertCtx);
|
||||
|
||||
_Exit:
|
||||
//
|
||||
@@ -447,7 +452,6 @@ _Exit:
|
||||
X509_free (X509Cert);
|
||||
X509_free (X509CACert);
|
||||
X509_STORE_free (CertStore);
|
||||
X509_STORE_CTX_cleanup (&CertCtx);
|
||||
|
||||
return Status;
|
||||
}
|
||||
|
Reference in New Issue
Block a user