CryptoPkg: Fix pem heap-buffer-overflow due to BIO_snprintf()

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4075

Fake BIO_snprintf() does not actually print anything to buf,
it should return -1 as error.
0 will be considered a correct return value, the consumer may think that
the buf is valid and parse the buffer.
please refer to bugzilla link for details.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
index c1fc33538f9b4cd05cd33fabb2bd54434e9e0b6f..b65d29485b9023813c5ee8e3733f29ed4fcaef88 100644 (file)
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c
@@ -494,7 +494,9 @@ BIO_snprintf (
   ...\r
   )\r
 {\r
-  return 0;\r
+  // Because the function does not actually print anything to buf, it returns -1 as error.\r
+  // Otherwise, the consumer may think that the buf is valid and parse the buffer.\r
+  return -1;\r
 }\r
 \r
 #ifdef __GNUC__\r