Main Changes since v1 : 1.add flag IsAuthDataAssigned 2.check IsAuthDataAssigned and result of HashPeImageByType, if either is false, then skip signature verification and step to next loop
cover letter of the v1 : https://edk2.groups.io/g/devel/message/64059 Wenyi Xie (1): SecurityPkg/DxeImageVerificationLib:Enhanced verification of Offset(CVE-2019-14562) SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf | 1 + SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h | 1 + SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 111 +++++++++++--------- 3 files changed, 63 insertions(+), 50 deletions(-) -- 2.20.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#64160): https://edk2.groups.io/g/devel/message/64160 Mute This Topic: https://groups.io/mt/76165657/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
