SecurityPkg/DxeImageVerificationLib: tighten default result (CVE-2019-14575)
authorJian J Wang <jian.j.wang@intel.com>
Tue, 17 Sep 2019 03:04:33 +0000 (11:04 +0800)
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Wed, 19 Feb 2020 14:08:23 +0000 (14:08 +0000)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608

All intermediate results inside this function will be checked and
returned immediately upon any failure or error, like out-of-resource,
hash calculation error or certificate retrieval failure.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c

index 85261ba..470a0d2 100644 (file)
@@ -1240,7 +1240,7 @@ IsForbiddenByDbx (
   //\r
   // Variable Initialization\r
   //\r
-  IsForbidden       = FALSE;\r
+  IsForbidden       = TRUE;\r
   Data              = NULL;\r
   CertList          = NULL;\r
   CertData          = NULL;\r
@@ -1257,7 +1257,14 @@ IsForbiddenByDbx (
   //\r
   DataSize = 0;\r
   Status   = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);\r
+  ASSERT (EFI_ERROR (Status));\r
   if (Status != EFI_BUFFER_TOO_SMALL) {\r
+    if (Status == EFI_NOT_FOUND) {\r
+      //\r
+      // Evidently not in dbx if the database doesn't exist.\r
+      //\r
+      IsForbidden = FALSE;\r
+    }\r
     return IsForbidden;\r
   }\r
   Data = (UINT8 *) AllocateZeroPool (DataSize);\r
@@ -1374,6 +1381,8 @@ IsForbiddenByDbx (
 \r
   }\r
 \r
+  IsForbidden = FALSE;\r
+\r
 Done:\r
   if (Data != NULL) {\r
     FreePool (Data);\r