git.proxmox.com Git - mirror_edk2.git/commit - SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c

SecurityPkg/DxeImageVerificationLib: extract SecDataDirEnd, SecDataDirLeft

The following two quantities:

  SecDataDir->VirtualAddress + SecDataDir->Size
  SecDataDir->VirtualAddress + SecDataDir->Size - OffSet

are used multiple times in DxeImageVerificationHandler(). Introduce helper
variables for them: "SecDataDirEnd" and "SecDataDirLeft", respectively.
This saves us multiple calculations and significantly simplifies the code.

Note that all three summands above have type UINT32, therefore the new
variables are also of type UINT32.

This patch does not change behavior.

(Note that the code already handles the case when the

  SecDataDir->VirtualAddress + SecDataDir->Size

UINT32 addition overflows -- namely, in that case, the certificate loop is
never entered, and the corruption check right after the loop fires.)

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Wenyi Xie <xiewenyi2@huawei.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200901091221.20948-2-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Min M Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

author	Laszlo Ersek <lersek@redhat.com>
	Tue, 1 Sep 2020 09:12:19 +0000 (11:12 +0200)
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
	Wed, 2 Sep 2020 10:16:18 +0000 (10:16 +0000)
commit	503248ccdf45c14d4040ce44163facdc212e4991
tree	f424afc36add47c21c83da8694d3c90b6cb87583	tree
parent	7513559926355dcd20516d01b0b44f2cddc2ff08	commit \| diff