* [PATCH] SecurityPkg/RngDxe: Add ASSERT for array Ek
@ 2019-12-06 1:49 Zhang, Shenglei
0 siblings, 0 replies; only message in thread
From: Zhang, Shenglei @ 2019-12-06 1:49 UTC (permalink / raw)
To: devel; +Cc: Jiewen Yao, Jian J Wang, Chao Zhang
Add ASSERT for Ek to ensure things out of EK would not
be visited.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
---
SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c | 2 ++
SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h | 2 ++
2 files changed, 4 insertions(+)
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
index 66edaf10c468..6c99ec83e822 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.c
@@ -160,6 +160,7 @@ AesExpandKey (
// Initialize the encryption key scheduler
//
for (Index2 = Nk, Index3 = 0; Index2 < Nw; Index2 += Nk, Index3++) {
+ ASSERT(Index2 < sizeof(Ek)/sizeof(Ek[0]));
Temp = Ek[Index2 - 1];
Ek[Index2] = Ek[Index2 - Nk] ^ (AES_FT2((Temp >> 16) & 0xFF) & 0xFF000000) ^
(AES_FT3((Temp >> 8) & 0xFF) & 0x00FF0000) ^
@@ -181,6 +182,7 @@ AesExpandKey (
Ek [Index1 + Index2] = Ek[Index1 + Index2 - Nk] ^ Ek[Index1 + Index2 - 1];
}
if (Index2 + 4 < Nw) {
+ ASSERT((Index2 +4) < sizeof(Ek)/sizeof(Ek[0]));
Temp = Ek[Index2 + 3];
Ek[Index2 + 4] = Ek[Index2 + 4 - Nk] ^ (AES_FT2((Temp >> 24) & 0xFF) & 0xFF000000) ^
(AES_FT3((Temp >> 16) & 0xFF) & 0x00FF0000) ^
diff --git a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
index e07f90050ac3..40d6b13d2b81 100644
--- a/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
+++ b/SecurityPkg/RandomNumberGenerator/RngDxe/AesCore.h
@@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#ifndef __AES_CORE_H__
#define __AES_CORE_H__
+#include <Library/DebugLib.h>
+
/**
Encrypts one single block data (128 bits) with AES algorithm.
--
2.18.0.windows.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2019-12-06 1:49 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-12-06 1:49 [PATCH] SecurityPkg/RngDxe: Add ASSERT for array Ek Zhang, Shenglei
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox