SecurityPkg/DxeImageVerificationLib: change IsCertHashFoundInDatabase name (CVE-2019...

IsCertHashFoundInDatabase() is actually used only for searching dbx,
according to the function logic, its comments and its use cases. Changing
it to IsCertHashFoundInDbx to avoid confusion.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1608
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 0e1587bc3c3c3ca8c0b5f7860e33aaeaa73687e7..b7fa8ea8c55c52b8ea0835c403f1143a923cda98 100644 (file)
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -829,7 +829,7 @@ AddImageExeInfo (
 \r
 **/\r
 EFI_STATUS\r
 \r
 **/\r
 EFI_STATUS\r

-IsCertHashFoundInDatabase (\r
+IsCertHashFoundInDbx (\r

   IN  UINT8               *Certificate,\r
   IN  UINTN               CertSize,\r
   IN  EFI_SIGNATURE_LIST  *SignatureList,\r
   IN  UINT8               *Certificate,\r
   IN  UINTN               CertSize,\r
   IN  EFI_SIGNATURE_LIST  *SignatureList,\r


@@ -1362,7 +1362,7 @@ IsForbiddenByDbx (
     //\r
     CertPtr = CertPtr + sizeof (UINT32) + CertSize;\r
 \r
     //\r
     CertPtr = CertPtr + sizeof (UINT32) + CertSize;\r
 \r

-    Status = IsCertHashFoundInDatabase (Cert, CertSize, (EFI_SIGNATURE_LIST *)Data, DataSize, &RevocationTime, &IsFound);\r
+    Status = IsCertHashFoundInDbx (Cert, CertSize, (EFI_SIGNATURE_LIST *)Data, DataSize, &RevocationTime, &IsFound);\r

     if (EFI_ERROR (Status)) {\r
       //\r
       // Error in searching dbx. Consider it as 'found'. RevocationTime might\r
     if (EFI_ERROR (Status)) {\r
       //\r
       // Error in searching dbx. Consider it as 'found'. RevocationTime might\r


@@ -1528,7 +1528,7 @@ IsAllowedByDb (
             //\r
             // Here We still need to check if this RootCert's Hash is revoked\r
             //\r
             //\r
             // Here We still need to check if this RootCert's Hash is revoked\r
             //\r

-            Status = IsCertHashFoundInDatabase (RootCert, RootCertSize, (EFI_SIGNATURE_LIST *)DbxData, DbxDataSize, &RevocationTime, &IsFound);\r
+            Status = IsCertHashFoundInDbx (RootCert, RootCertSize, (EFI_SIGNATURE_LIST *)DbxData, DbxDataSize, &RevocationTime, &IsFound);\r

             if (EFI_ERROR (Status)) {\r
               //\r
               // Error in searching dbx. Consider it as 'found'. RevocationTime might\r
             if (EFI_ERROR (Status)) {\r
               //\r
               // Error in searching dbx. Consider it as 'found'. RevocationTime might\r