X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FLibrary%2FDxeImageVerificationLib%2FDxeImageVerificationLib.c;h=9ea3a28ad91b93ede65c6eb159ad5b6b75c52b08;hp=b3648bdee4182ea1ed8e1ae1aaef3489fff39490;hb=2aadc9205b8c1ea8b002e2bc05dcaed7b1505121;hpb=f6f9031f8e95727c4947a41c202f133d98aed642
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index b3648bdee4..9ea3a28ad9 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1276,6 +1276,9 @@ DxeImageVerificationHandler (
 // Authenticode specification.
 //
 PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) WinCertificate;
+ if (PkcsCertData->Hdr.dwLength <= sizeof (PkcsCertData->Hdr)) {
+ goto Done;
+ }
 AuthData = PkcsCertData->CertData;
 AuthDataSize = PkcsCertData->Hdr.dwLength - sizeof(PkcsCertData->Hdr);
 
@@ -1290,7 +1293,8 @@ DxeImageVerificationHandler (
 // The certificate is formatted as WIN_CERTIFICATE_UEFI_GUID which is described in UEFI Spec.
 //
 WinCertUefiGuid = (WIN_CERTIFICATE_UEFI_GUID *) WinCertificate;
- if (!CompareGuid(&WinCertUefiGuid->CertType, &gEfiCertPkcs7Guid)) {
+ if (!CompareGuid(&WinCertUefiGuid->CertType, &gEfiCertPkcs7Guid) ||
+ (WinCertUefiGuid->Hdr.dwLength <= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData))) {
 goto Done;
 }
 AuthData = WinCertUefiGuid->CertData;
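Review bot: In the first hunk (the WIN_CERTIFICATE_EFI_PKCS branch) only the lower bound of `Hdr.dwLength` is checked before `AuthDataSize` is derived from it, and nothing visible here bounds it above. If the enclosing code, which lies outside the hunk, does not already compare `dwLength` with the bytes remaining in the image's security data, a header that overstates its length would still hand an oversized `AuthData` range to the verifier. The same applies to the WIN_CERTIFICATE_UEFI_GUID branch in the second hunk. Please also confirm that the status in effect at `goto Done` denies the image, so a malformed certificate fails closed. A comment on the new guard would help, for example `// Reject a certificate with no payload; this also keeps AuthDataSize from wrapping.`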
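Review bot: In the second hunk `CompareGuid` reads the 16-byte `CertType` field before the added length test runs, so a certificate whose `dwLength` is shorter than the fixed WIN_CERTIFICATE_UEFI_GUID header still has its GUID read from beyond the declared length. Putting the length test first lets the short-circuit skip the GUID read: `if ((WinCertUefiGuid->Hdr.dwLength <= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)) ||` followed by `!CompareGuid(&WinCertUefiGuid->CertType, &gEfiCertPkcs7Guid)) {`. Whether that read can leave the image buffer depends on bounds checks outside the hunk, but validating the length before touching the fields it covers is the safer order either way.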