[PATCH] SecurityPkg/RngDxe: Add ASSERT for array Ek

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

* [PATCH] SecurityPkg/RngDxe: Add ASSERT for array Ek
@ 2019-12-06  1:49 Zhang, Shenglei
  0 siblings, 0 replies; only message in thread
From: Zhang, Shenglei @ 2019-12-06  1:49 UTC (permalink / raw)
  To: devel; +Cc: Jiewen Yao, Jian J Wang, Chao Zhang

Add ASSERT for Ek to ensure things out of EK would not
be visited.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
---
 SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c | 2 ++
 SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
index 66edaf10c468..6c99ec83e822 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
@@ -160,6 +160,7 @@ AesExpandKey (
   // Initialize the encryption key scheduler
   //
   for (Index2 = Nk, Index3 = 0; Index2 < Nw; Index2 += Nk, Index3++) {
+    ASSERT(Index2 < sizeof(Ek)/sizeof(Ek[0]));
     Temp       = Ek[Index2 - 1];
     Ek[Index2] = Ek[Index2 - Nk] ^ (AES_FT2((Temp >> 16) & 0xFF) & 0xFF000000) ^
                                    (AES_FT3((Temp >>  8) & 0xFF) & 0x00FF0000) ^
@@ -181,6 +182,7 @@ AesExpandKey (
         Ek [Index1 + Index2] = Ek[Index1 + Index2 - Nk] ^ Ek[Index1 + Index2 - 1];
       }
       if (Index2 + 4 < Nw) {
+        ASSERT((Index2 +4) < sizeof(Ek)/sizeof(Ek[0]));
         Temp           = Ek[Index2 + 3];
         Ek[Index2 + 4] = Ek[Index2 + 4 - Nk] ^ (AES_FT2((Temp >> 24) & 0xFF) & 0xFF000000) ^
                                                (AES_FT3((Temp >> 16) & 0xFF) & 0x00FF0000) ^
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
index e07f90050ac3..40d6b13d2b81 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
@@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #ifndef __AES_CORE_H__
 #define __AES_CORE_H__
 
+#include <Library/DebugLib.h>
+
 /**
   Encrypts one single block data (128 bits) with AES algorithm.
 
-- 
2.18.0.windows.1


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2019-12-06  1:49 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-12-06  1:49 [PATCH] SecurityPkg/RngDxe: Add ASSERT for array Ek Zhang, Shenglei

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox