diff options
| author | Qin Long <qin.long@intel.com> | 2017-03-31 22:12:45 +0800 |
|---|---|---|
| committer | Qin Long <qin.long@intel.com> | 2017-04-07 00:28:56 +0800 |
| commit | 7c410b3d4180087020c7734bf67cdc4ad9fdb136 (patch) | |
| tree | cfd941bc44ea0248b357bc4e6126f1f5fe9f86e1 | |
| parent | 5d7a1d63c0fa53d411a06c6f03de939c1cc26da2 (diff) | |
| download | edk2-7c410b3d4180087020c7734bf67cdc4ad9fdb136.zip edk2-7c410b3d4180087020c7734bf67cdc4ad9fdb136.tar.gz edk2-7c410b3d4180087020c7734bf67cdc4ad9fdb136.tar.bz2 | |
CryptoPkg/BaseCryptLib: Adding NULL checking in time() wrapper.
There are some explicit time(NULL) calls in openssl-1.1.0xx source,
but the dummy time() wrapper in ConstantTimeClock.c (used by PEI
and SMM module) has no any checks on NULL parameter. This is one bug
and will cause the memory access issue.
This patch adds the NULL parameter checking in time() wrapper.
Cc: Ting Ye <ting.ye@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
| -rw-r--r-- | CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c b/CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c index 7f20164..0cd9043 100644 --- a/CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c +++ b/CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c @@ -31,8 +31,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. time_t time (time_t *timer)
{
- *timer = 0;
- return *timer;
+ if (timer != NULL) {
+ *timer = 0;
+ }
+ return 0;
}
struct tm * gmtime (const time_t *timer)
|