REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3617
Create a read-only openSSL BIO wrapper for the existing input
buffer passed to Pkcs7Verify() instead of copying the buffer
into an empty writable BIO which causes memory allocations
within openSSL.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Bob Morgan <bobm@nvidia.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
// For generic PKCS#7 handling, InData may be NULL if the content is present\r
// in PKCS#7 structure. So ignore NULL checking here.\r
//\r
- DataBio = BIO_new (BIO_s_mem ());\r
+ DataBio = BIO_new_mem_buf (InData, (int) DataLength);\r
if (DataBio == NULL) {\r
goto _Exit;\r
}\r
\r
- if (BIO_write (DataBio, InData, (int) DataLength) <= 0) {\r
- goto _Exit;\r
- }\r
-\r
//\r
// Allow partial certificate chains, terminated by a non-self-signed but\r
// still trusted intermediate certificate. Also disable time checks.\r