Add comment for modules which have external input.

signed-off-by: jiewen.yao@intel.com reviewed-by: guo.dong@intel.com reviewed-by: ting.ye@intel.com reviewed-by: liming.gao@intel.com reviewed-by: elvin.li@intel.com git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-12 08:28:43 +00:00
parent 90eaa3c1e0
commit dc204d5a0f
30 changed files with 435 additions and 22 deletions
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
@ -1,6 +1,14 @@
 /** @file
  Authenticode Portable Executable Signature Verification over OpenSSL.

+  Caution: This module requires additional review when modified.
+  This library will have external input - signature (e.g. PE/COFF Authenticode).
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check for
+  data structure.
+
 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
@ -26,6 +34,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  If AuthData is NULL, then return FALSE.
  If ImageHash is NULL, then return FALSE.

+  Caution: This function may receive untrusted input.
+  PE/COFF Authenticode is external input, so this function will do basic check for
+  Authenticode data structure.
+
  @param[in]  AuthData     Pointer to the Authenticode Signature retrieved from signed
                           PE/COFF image to be verified.
  @param[in]  DataSize     Size of the Authenticode Signature in bytes.