There is one long-standing problem in current CRT realloc wrapper
implementation, which will cause the obvious buffer overflow issue
when re-allocating memory block.
One BZ report: https://bugzilla.tianocore.org/show_bug.cgi?id=605
This patch series is to fix this buffer overflow issue by introducing
one extra header to record the memory buffer size information.
And extra comments were also added to clarify the memory release routines
if the caller is required to free the memory block outside the function.
Long Qin (2):
CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper
CryptoPkg/BaseCryptLib: Fix mismatched memory allocation/free
CryptoPkg/Include/Library/BaseCryptLib.h | 16 +++--
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c | 5 +-
.../Library/BaseCryptLib/Pk/CryptPkcs7SignNull.c | 3 +-
.../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 15 +++--
.../Library/BaseCryptLib/Pk/CryptPkcs7VerifyNull.c | 13 ++--
.../BaseCryptLib/SysCall/BaseMemAllocation.c | 72 +++++++++++++++++++---
6 files changed, 97 insertions(+), 27 deletions(-)
--
2.14.1.windows.1
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel