CryptoPkg: Fix CryptAuthenticode fuzz
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Wenxing-hou authored and liyi77 committed Mar 20, 2024
1 parent f1afa77 commit 2df1b2c
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticode.c
Expand Up @@ -72,6 +72,10 @@ AuthenticodeVerify (
return FALSE;
}

if (DataSize <= HashSize) {
return FALSE;
}

Ptr = (UINT8 *)(UINTN)AuthData;
Len = (UINT32)DataSize;
End = Ptr + Len;
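
Review bot: The new `DataSize <= HashSize` guard compares the full-width DataSize, but two lines later `Len = (UINT32)DataSize;` truncates it, so on a build where DataSize is wider than 32 bits a value above MAX_UINT32 would pass this guard and then produce a Len and End that no longer match the size that was checked. Unless the early return just above this hunk already bounds DataSize, consider rejecting oversized input here as well, or doing the comparison on Len after the cast. A short comment on why equality is rejected here (`<=`), while the later ContentSize check uses `<`, would also help the next reader.
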
Expand Down Expand Up @@ -188,6 +192,10 @@ AuthenticodeVerify (
// defined in Authenticode
// NOTE: Need to double-check HashLength here!
//
if (ContentSize < HashSize) {
return FALSE;
}

if (CompareMem (SpcIndirectDataContent + ContentSize - HashSize, ImageHash, HashSize) != 0) {
//
// Un-matched PE/COFF Hash Value
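
Review bot: The `// NOTE: Need to double-check HashLength here!` comment directly above the new `ContentSize < HashSize` check now looks stale, since this check appears to be that double-check; replace it with a comment stating that the guard keeps `SpcIndirectDataContent + ContentSize - HashSize` from pointing before the start of the content. It is also worth confirming, in the lines not shown here, that ContentSize itself has been validated against the remaining AuthData buffer, because this guard only covers the lower bound of the CompareMem read.
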