From 7c584bb04874bb5bad16fcf3996f5a893cc81a1c Mon Sep 17 00:00:00 2001 From: Qingyu Date: Tue, 14 May 2024 11:16:33 +0800 Subject: CryptoPkg: Fix bug for correct return value checking when get X509Cert REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509 CryptX509.c file has X509GetTBSCert() funtion and it is added Inf variable to collect the return value of ASN1_get_object(), which return 0x80 in error case. Supplement the return value check during the second function call and correct the check logic. Signed-off-by: Qingyu Cc: Jiewen Yao Reviewed-by: Yi Li --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'CryptoPkg') diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 1182323..7ebec9d 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -839,17 +839,17 @@ X509GetTBSCert ( Length = 0; Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize); - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } *TBSCert = (UINT8 *)Temp; - ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); + Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length); // // Verify the parsed TBSCertificate is one correct SEQUENCE data. // - if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) { + if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) { return FALSE; } -- cgit v1.1