Add comment for modules which have external input.

[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / Pk / CryptAuthenticode.c

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
index a1f8c58e746de62a8ba7db54ca3a034236ca0c4a..a4f62b22b5675dd3589087d30849ce0ee527a82d 100644 (file)
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
@@ -1,6 +1,14 @@
 /** @file\r
   Authenticode Portable Executable Signature Verification over OpenSSL.\r
 \r
+  Caution: This module requires additional review when modified.\r
+  This library will have external input - signature (e.g. PE/COFF Authenticode).\r
+  This external input must be validated carefully to avoid security issue like\r
+  buffer overflow, integer overflow.\r
+\r
+  AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check for\r
+  data structure.\r
+\r
 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
@@ -26,6 +34,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
   If AuthData is NULL, then return FALSE.\r
   If ImageHash is NULL, then return FALSE.\r
 \r
+  Caution: This function may receive untrusted input.\r
+  PE/COFF Authenticode is external input, so this function will do basic check for\r
+  Authenticode data structure.\r
+\r
   @param[in]  AuthData     Pointer to the Authenticode Signature retrieved from signed\r
                            PE/COFF image to be verified.\r
   @param[in]  DataSize     Size of the Authenticode Signature in bytes.\r