Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
DxeRngLib: GetRandomNumber spurious success
The GetRandomNumber functions in DxeRngLib can return success without actually generating a random number. This occurs because there are code paths through `GenerateRandomNumberViaNist800Algorithm` that do not initialize the `Status` variable. - Assume mFirstAlgo == MAX_UINTN (no secure algorithms available) - Assume none of the secure algorithms have `Available` set. - Assume PcdEnforceSecureRngAlgorithms is TRUE. In this condition, the `Status` variable is never initialized, `Buffer` data is never touched. It is fairly likely that Status is 0, so we can return EFI_SUCCESS without writing anything to Buffer. Fix is to set `Status = error_code` in this code path. `EFI_SECURITY_VIOLATION` seems appropriate. Signed-off-by: Doug Cook <[email protected]>