[edk2] [PATCH v2] SecurityPkg: Fix wrong calculation of ImageExeInfoEntrySize

Tue, 23 Jun 2015 03:07:46 -0700 

Per UEFI spec, EFI_IMAGE_EXECUTION_INFO structure is updated to comment
Signature field. So, its structure doesn't include Signature field. But,
ImageExeInfoEntrySize uses its structure size minor Signature size. It
will be corrected in this change.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming....@intel.com>
Reviewed-by: Chao Zhang <chao.b.zh...@intel.com>
---
 SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c 
b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index d7e286b..3331b68 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1,7 +1,7 @@
 /** @file
-  Implement image verification services for secure boot service in UEFI2.3.1.
+  Implement image verification services for secure boot service
 
   Caution: This file requires additional review when modified.
   This library will have external input - PE/COFF image.
   This external input must be validated carefully to avoid security issue like
   buffer overflow, integer overflow.
@@ -767,11 +767,11 @@ AddImageExeInfo (
     //
     ImageExeInfoTableSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE);
   }
 
   DevicePathSize            = GetDevicePathSize (DevicePath);
-  NewImageExeInfoEntrySize  = sizeof (EFI_IMAGE_EXECUTION_INFO) - sizeof 
(EFI_SIGNATURE_LIST) + NameStringLen + DevicePathSize + SignatureSize;
+  NewImageExeInfoEntrySize  = sizeof (EFI_IMAGE_EXECUTION_INFO) + 
NameStringLen + DevicePathSize + SignatureSize;
   NewImageExeInfoTable      = (EFI_IMAGE_EXECUTION_INFO_TABLE *) 
AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
   if (NewImageExeInfoTable == NULL) {
     return ;
   }
 
-- 
1.9.5.msysgit.0


------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel

Reply via email to