Base64Decode() now guarantees that DestinationSize is larger on output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean up the retval handling for the first Base64Decode() call in EnrollDefaultKeys, which used to work around the ambiguity in the previous Base64Decode() interface contract.
Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> Cc: Jordan Justen <jordan.l.jus...@intel.com> Cc: Philippe Mathieu-Daudé <phi...@redhat.com> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1891 Signed-off-by: Laszlo Ersek <ler...@redhat.com> --- OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c index f45cb799f726..302b80d97720 100644 --- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c +++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c @@ -154,14 +154,8 @@ GetPkKek1 ( Status = Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCertSize); switch (Status) { case EFI_BUFFER_TOO_SMALL: - if (DecodedCertSize > 0) { - break; - } - // - // Fall through: the above Base64Decode() call is ill-specified in BaseLib - // if Source decodes to zero bytes (for example if it consists of ignored - // whitespace only). - // + ASSERT (DecodedCertSize > 0); + break; case EFI_SUCCESS: AsciiPrint ("error: empty certificate after app prefix %g\n", &gOvmfPkKek1AppPrefixGuid); -- 2.19.1.3.g30247aa5d201 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#43160): https://edk2.groups.io/g/devel/message/43160 Mute This Topic: https://groups.io/mt/32284613/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
