7c410b3d41
There are some explicit time(NULL) calls in openssl-1.1.0xx source, but the dummy time() wrapper in ConstantTimeClock.c (used by PEI and SMM module) has no any checks on NULL parameter. This is one bug and will cause the memory access issue. This patch adds the NULL parameter checking in time() wrapper. Cc: Ting Ye <ting.ye@intel.com> Cc: Eric Dong <eric.dong@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
44 lines
1.2 KiB
C
44 lines
1.2 KiB
C
/** @file
|
|
C Run-Time Libraries (CRT) Time Management Routines Wrapper Implementation
|
|
for OpenSSL-based Cryptographic Library.
|
|
|
|
This C file implements constant time value for time() and NULL for gmtime()
|
|
thus should not be used in library instances which require functionality
|
|
of following APIs which need system time support:
|
|
1) RsaGenerateKey
|
|
2) RsaCheckKey
|
|
3) RsaPkcs1Sign
|
|
4) Pkcs7Sign
|
|
5) DhGenerateParameter
|
|
6) DhGenerateKey
|
|
|
|
Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
|
|
This program and the accompanying materials
|
|
are licensed and made available under the terms and conditions of the BSD License
|
|
which accompanies this distribution. The full text of the license may be found at
|
|
http://opensource.org/licenses/bsd-license.php
|
|
|
|
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
|
|
|
**/
|
|
|
|
#include <CrtLibSupport.h>
|
|
|
|
//
|
|
// -- Time Management Routines --
|
|
//
|
|
|
|
time_t time (time_t *timer)
|
|
{
|
|
if (timer != NULL) {
|
|
*timer = 0;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
struct tm * gmtime (const time_t *timer)
|
|
{
|
|
return NULL;
|
|
}
|