shim/shim-bnc808106-correct-certcount.patch
Gary Ching-Pang Lin 16ab868efc Accepting request 184039 from home:gary_lin:branches:devel:openSUSE:Factory
- Update to 0.4
- Rebase patches
  + shim-suse-build.patch
  + shim-mokmanager-support-crypt-hash-method.patch
  + shim-bnc804631-fix-broken-bootpath.patch
  + shim-bnc798043-no-doulbe-separators.patch
  + shim-bnc807760-change-pxe-2nd-loader-name.patch
  + shim-bnc808106-correct-certcount.patch 
  + shim-mokmanager-ui-revamp.patch
- Add patches
  + shim-merge-lf-loader-code.patch: merge the Linux Foundation
    loader UI code
  + shim-fix-pointer-casting.patch: fix a casting issue and the
    size of an empty vendor cert
  + shim-fix-simple-file-selector.patch: fix the buffer allocation
    in the simple file selector
- Remove upstreamed patches
  + shim-support-mok-delete.patch
  + shim-reboot-after-changes.patch
  + shim-clear-queued-key.patch
  + shim-local-key-sign-mokmanager.patch
  + shim-get-2nd-stage-loader.patch
  + shim-fix-loadoptions.patch
- Remove unused patch: shim-mokmanager-new-pw-hash.patch and
  shim-keep-unsigned-mokmanager.patch
- Install the vendor certificate to /etc/uefi/certs

OBS-URL: https://build.opensuse.org/request/show/184039
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=28
2013-07-23 04:44:22 +00:00

35 lines
1.7 KiB
Diff

From 37b8af226ea8e3af467944b3b6253218ba13838c Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Fri, 8 Mar 2013 14:44:50 +0800
Subject: [PATCH] Correct the certificate count of the signature list
---
shim.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/shim.c b/shim.c
index 806f065..7219d53 100644
--- a/shim.c
+++ b/shim.c
@@ -230,7 +230,7 @@ static CHECK_STATUS check_db_cert_in_ram(EFI_SIGNATURE_LIST *CertList,
while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) {
if (CompareGuid (&CertList->SignatureType, &CertType) == 0) {
- CertCount = (CertList->SignatureListSize - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
for (Index = 0; Index < CertCount; Index++) {
IsFound = AuthenticodeVerify (data->CertData,
@@ -295,7 +295,7 @@ static CHECK_STATUS check_db_hash_in_ram(EFI_SIGNATURE_LIST *CertList,
BOOLEAN IsFound = FALSE;
while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) {
- CertCount = (CertList->SignatureListSize - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ CertCount = (CertList->SignatureListSize -sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
if (CompareGuid(&CertList->SignatureType, &CertType) == 0) {
for (Index = 0; Index < CertCount; Index++) {
--
1.8.1.4