Cryptlib update

Cryptlib/InternalCryptLib.h

@@ -21,8 +21,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/DebugLib.h>
 #include <Library/BaseCryptLib.h>
 
-#define CONST const
-
 //
 // Environment Setting for OpenSSL-based UEFI Crypto Library.
 //

Cryptlib/Pk/CryptAuthenticode.c

@@ -1,6 +1,14 @@
 /** @file
   Authenticode Portable Executable Signature Verification over OpenSSL.
 
+  Caution: This module requires additional review when modified.
+  This library will have external input - signature (e.g. PE/COFF Authenticode).
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check for
+  data structure.
+
 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
@@ -26,6 +34,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
   If AuthData is NULL, then return FALSE.
   If ImageHash is NULL, then return FALSE.
 
+  Caution: This function may receive untrusted input.
+  PE/COFF Authenticode is external input, so this function will do basic check for
+  Authenticode data structure.
+
   @param[in]  AuthData     Pointer to the Authenticode Signature retrieved from signed
                            PE/COFF image to be verified.
   @param[in]  DataSize     Size of the Authenticode Signature in bytes.

Cryptlib/Pk/CryptPkcs7.c

@@ -1,6 +1,15 @@
 /** @file
   PKCS#7 SignedData Verification Wrapper Implementation over OpenSSL.
 
+  Caution: This module requires additional review when modified.
+  This library will have external input - signature (e.g. UEFI Authenticated
+  Variable). It may by input in SMM mode.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+
+  WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated
+  Variable and will do basic check for data structure.
+
 Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
@@ -281,6 +290,10 @@ _Exit:
   Check input P7Data is a wrapped ContentInfo structure or not. If not construct
   a new structure to wrap P7Data.
 
+  Caution: This function may receive untrusted input.
+  UEFI Authenticated Variable is external input, so this function will do basic
+  check for PKCS#7 data structure.
+
   @param[in]  P7Data       Pointer to the PKCS#7 message to verify.
   @param[in]  P7Length     Length of the PKCS#7 message in bytes.
   @param[out] WrapFlag     If TRUE P7Data is a ContentInfo structure, otherwise
@@ -389,6 +402,10 @@ WrapPkcs7Data (
   If P7Data, CertStack, StackLength, TrustedCert or CertLength is NULL, then
   return FALSE. If P7Length overflow, then return FAlSE.
 
+  Caution: This function may receive untrusted input.
+  UEFI Authenticated Variable is external input, so this function will do basic
+  check for PKCS#7 data structure.
+
   @param[in]  P7Data       Pointer to the PKCS#7 message to verify.
   @param[in]  P7Length     Length of the PKCS#7 message in bytes.
   @param[out] CertStack    Pointer to Signer's certificates retrieved from P7Data.
@@ -589,6 +606,10 @@ Pkcs7FreeSigners (
   If P7Data, TrustedCert or InData is NULL, then return FALSE.
   If P7Length, CertLength or DataLength overflow, then return FAlSE.
 
+  Caution: This function may receive untrusted input.
+  UEFI Authenticated Variable is external input, so this function will do basic
+  check for PKCS#7 data structure.
+
   @param[in]  P7Data       Pointer to the PKCS#7 message to verify.
   @param[in]  P7Length     Length of the PKCS#7 message in bytes.
   @param[in]  TrustedCert  Pointer to a trusted/root certificate encoded in DER, which

Cryptlib/SysCall/BaseMemAllocation.c

@@ -32,7 +32,7 @@ void *realloc (void *ptr, size_t size)
   // BUG: hardcode OldSize == size! We have no any knowledge about
   // memory size of original pointer ptr.
   //
-  return ReallocatePool (ptr, (UINTN)size, (UINTN)size);
+	return ReallocatePool (ptr, (UINTN)size, (UINTN)size);
 }
 
 /* De-allocates or frees a memory block */

Cryptlib/update.sh

@@ -22,3 +22,5 @@ cp $DIR/Pem/CryptPem.c Pem/CryptPem.c
 cp $DIR/SysCall/CrtWrapper.c SysCall/CrtWrapper.c
 cp $DIR/SysCall/TimerWrapper.c SysCall/TimerWrapper.c
 cp $DIR/SysCall/BaseMemAllocation.c SysCall/BaseMemAllocation.c
+
+patch -p2 <Cryptlib.diff