SecurityPkg DxeImageVerificationLib: Add comments in HashPeImage() The input PeImage in HashPeImage() has been checked. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>

commit: 89fb5aef411587661c9a1c00645d46adf76b2fb2 [log] [tgz]
author: Liming Gao <liming.gao@intel.com> Wed Jul 13 20:28:18 2016 +0800
committer: Liming Gao <liming.gao@intel.com> Thu Jul 14 15:04:54 2016 +0800
tree: defe03d61233cc3811226987d69530ab4b71e268
parent: 5a8eae9560ddf8422ed1b43aff8612931e472eb6 [diff]
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 3aef1af..7b7e6af 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c

@@ -275,11 +275,14 @@
 /**

   Calculate hash of Pe/Coff image based on the authenticode image hashing in

   PE/COFF Specification 8.0 Appendix A

-

+  

   Caution: This function may receive untrusted input.

   PE/COFF image is external input, so this function will validate its data structure

   within this image buffer before use.

 

+  Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in 

+  its caller function DxeImageVerificationHandler().

+

   @param[in]    HashAlg   Hash algorithm type.

 

   @retval TRUE            Successfully hash image.
commit	89fb5aef411587661c9a1c00645d46adf76b2fb2	[log] [tgz]
author	Liming Gao <liming.gao@intel.com>	Wed Jul 13 20:28:18 2016 +0800
committer	Liming Gao <liming.gao@intel.com>	Thu Jul 14 15:04:54 2016 +0800
tree	defe03d61233cc3811226987d69530ab4b71e268
parent	5a8eae9560ddf8422ed1b43aff8612931e472eb6 [diff]