X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=CryptoPkg%2FLibrary%2FBaseCryptLib%2FCipher%2FCryptArc4.c;h=f3c4d31a2d9c1598fd7f295fc187f28fe2bf57ed;hp=fa8fd963dddb8172e549605f405d6e39e335d41b;hb=dda39f3a5850458391aaab330971d46bc9c2b690;hpb=a8c4464502aabcbda7032daddc772a1bc7386bdf

diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
index fa8fd963dd..f3c4d31a2d 100644
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
@@ -1,7 +1,7 @@
 /** @file
   ARC4 Wrapper Implementation over OpenSSL.
 
-Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -32,19 +32,19 @@ Arc4GetContextSize (
   // for backup copy. When Arc4Reset() is called, we can use the backup copy to restore
   // the working copy to the initial state.
   //
-  return (UINTN) (2 * sizeof(RC4_KEY));
+  return (UINTN) (2 * sizeof (RC4_KEY));
 }
 
 /**
   Initializes user-supplied memory as ARC4 context for subsequent use.
 
   This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
-  In addtion, it sets up all ARC4 key materials for subsequent encryption and decryption
+  In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
   operations.
 
-  If Arc4Context is NULL, then ASSERT().
-  If Key is NULL, then ASSERT().
-  If KeySize does not in the range of [5, 256] bytes, then ASSERT().
+  If Arc4Context is NULL, then return FALSE.
+  If Key is NULL, then return FALSE.
+  If KeySize does not in the range of [5, 256] bytes, then return FALSE.
 
   @param[out]  Arc4Context  Pointer to ARC4 context being initialized.
   @param[in]   Key          Pointer to the user-supplied ARC4 key.
@@ -64,15 +64,18 @@ Arc4Init (
 {
   RC4_KEY  *Rc4Key;
 
-  ASSERT (Arc4Context != NULL);
-  ASSERT (Key != NULL);
-  ASSERT ((KeySize >= 5) && (KeySize <= 256));
+  //
+  // Check input parameters.
+  //  
+  if (Arc4Context == NULL || Key == NULL || (KeySize < 5 || KeySize > 256)) {
+    return FALSE;
+  }
 
   Rc4Key = (RC4_KEY *) Arc4Context;
 
   RC4_set_key (Rc4Key, (UINT32) KeySize, Key);
 
-  CopyMem (Rc4Key +  1, Rc4Key, sizeof(RC4_KEY));
+  CopyMem (Rc4Key +  1, Rc4Key, sizeof (RC4_KEY));
 
   return TRUE;
 }
@@ -85,9 +88,9 @@ Arc4Init (
   Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
   invalid ARC4 context is undefined.
 
-  If Arc4Context is NULL, then ASSERT().
-  If Input is NULL, then ASSERT().
-  If Output is NULL, then ASSERT().
+  If Arc4Context is NULL, then return FALSE.
+  If Input is NULL, then return FALSE.
+  If Output is NULL, then return FALSE.
 
   @param[in, out]  Arc4Context  Pointer to the ARC4 context.
   @param[in]       Input        Pointer to the buffer containing the data to be encrypted.
@@ -109,9 +112,12 @@ Arc4Encrypt (
 {
   RC4_KEY  *Rc4Key;
 
-  ASSERT (Arc4Context != NULL);
-  ASSERT (Input != NULL);
-  ASSERT (Output != NULL);
+  //
+  // Check input parameters.
+  //
+  if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
+    return FALSE;
+  }
 
   Rc4Key = (RC4_KEY *) Arc4Context;
 
@@ -128,9 +134,9 @@ Arc4Encrypt (
   Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
   invalid ARC4 context is undefined.
 
-  If Arc4Context is NULL, then ASSERT().
-  If Input is NULL, then ASSERT().
-  If Output is NULL, then ASSERT().
+  If Arc4Context is NULL, then return FALSE.
+  If Input is NULL, then return FALSE.
+  If Output is NULL, then return FALSE.
 
   @param[in, out]  Arc4Context  Pointer to the ARC4 context.
   @param[in]       Input        Pointer to the buffer containing the data to be decrypted.
@@ -152,9 +158,12 @@ Arc4Decrypt (
 {
   RC4_KEY  *Rc4Key;
 
-  ASSERT (Arc4Context != NULL);
-  ASSERT (Input != NULL);
-  ASSERT (Output != NULL);
+  //
+  // Check input parameters.
+  //
+  if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
+    return FALSE;
+  }
 
   Rc4Key = (RC4_KEY *) Arc4Context;
 
@@ -171,7 +180,7 @@ Arc4Decrypt (
   Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
   should be already correctly initialized by ARC4Init().
 
-  If Arc4Context is NULL, then ASSERT().
+  If Arc4Context is NULL, then return FALSE.
 
   @param[in, out]  Arc4Context  Pointer to the ARC4 context.
 
@@ -187,11 +196,16 @@ Arc4Reset (
 {
   RC4_KEY  *Rc4Key;
 
-  ASSERT (Arc4Context != NULL);
-
+  //
+  // Check input parameters.
+  //
+  if (Arc4Context == NULL) {
+    return FALSE;
+  }
+  
   Rc4Key = (RC4_KEY *) Arc4Context;
 
-  CopyMem (Rc4Key, Rc4Key + 1, sizeof(RC4_KEY));
+  CopyMem (Rc4Key, Rc4Key + 1, sizeof (RC4_KEY));
 
   return TRUE;
 }