CryptoPkg: Fix bug for correct return value checking when get X509Cert

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4509 CryptX509.c file has X509GetTBSCert() funtion and it is added Inf variable to collect the return value of ASN1_get_object(), which return 0x80 in error case. Supplement the return value check during the second function call and correct the check logic. Signed-off-by: Qingyu <[email protected]> Cc: Jiewen Yao <[email protected]> Reviewed-by: Yi Li <[email protected]>
zurcher · May 31, 2024 · 7c584bb · 7c584bb
1 parent 746cc5c
commit 7c584bb
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,17 +839,17 @@ X509GetTBSCert (
   Length = 0;
   Inf    = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);
 
-  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+  if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
     return FALSE;
   }
 
   *TBSCert = (UINT8 *)Temp;
 
-  ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
+  Inf = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)Length);
   //
   // Verify the parsed TBSCertificate is one correct SEQUENCE data.
   //
-  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+  if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
     return FALSE;
   }