proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-06-12 16:52:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add Tiano patch e98e59c237e17f064a4ecffb39d45499f89720a1

Browse Source 
This is:
    Fix a bug in OpensslLib that PKCS7_verify will use over 8k stack space.

    Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
    Reviewed-by: Ye Ting  <ting.ye@intel.com>
    Reviewed-by: Dong Guo <guo.dong@intel.com>

from upstream.
This commit is contained in:
Matthew Garrett 2013-10-03 12:56:27 -04:00 committed by Peter Jones
parent 8c46e07fec
commit 16c55f99e8
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c
View File

@ -176,7 +176,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
STACK_OF(PKCS7_SIGNER_INFO) *sinfos; STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
PKCS7_SIGNER_INFO *si; PKCS7_SIGNER_INFO *si;
X509_STORE_CTX cert_ctx; X509_STORE_CTX cert_ctx;
char buf[4096]; char *buf = NULL;
int bufsiz;
int i, j=0, k, ret = 0; int i, j=0, k, ret = 0;
BIO *p7bio; BIO *p7bio;
BIO *tmpin, *tmpout; BIO *tmpin, *tmpout;
@ -287,10 +288,16 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
BIO_set_mem_eof_return(tmpout, 0); BIO_set_mem_eof_return(tmpout, 0);
} else tmpout = out; } else tmpout = out;
bufsiz = 4096;
buf = OPENSSL_malloc (bufsiz);
if (buf == NULL) {
goto err;
}
/* We now have to 'read' from p7bio to calculate digests etc. */ /* We now have to 'read' from p7bio to calculate digests etc. */
for (;;) for (;;)
{ {
i=BIO_read(p7bio,buf,sizeof(buf)); i=BIO_read(p7bio,buf,bufsiz);
if (i <= 0) break; if (i <= 0) break;
if (tmpout) BIO_write(tmpout, buf, i); if (tmpout) BIO_write(tmpout, buf, i);
} }
@ -329,6 +336,10 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
sk_X509_free(signers); sk_X509_free(signers);
if (buf != NULL) {
OPENSSL_free (buf);
}
return ret; return ret;
} }