Fix signature checking

We could potentially find a valid signature and then fail to validate it due to not breaking out of the outer while loop.
author: Matthew Garrett <mjg@redhat.com> 2012-11-01 10:31:14 -0400
committer: Matthew Garrett <mjg@redhat.com> 2012-11-01 10:31:14 -0400
commit: 058c0368adf2de0369be090a0996785e55ce1477 (patch)
tree: bb963e379a088ea46bdf26f223a3c9963a74e669 /shim.c
parent: 6f1616265333a7f9b611f7c7ea7f6e0a3054806d (diff)
download: efi-boot-shim-058c0368adf2de0369be090a0996785e55ce1477.tar.gz
efi-boot-shim-058c0368adf2de0369be090a0996785e55ce1477.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/shim.c b/shim.c
index 8c039159..816688e1 100644
--- a/shim.c
+++ b/shim.c
@@ -237,6 +237,9 @@ static CHECK_STATUS check_db_cert_in_ram(EFI_SIGNATURE_LIST *CertList,
 			Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
 		}
 
+		if (IsFound)
+			break;
+
 		dbsize -= CertList->SignatureListSize;
 		CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
 	}
author	Matthew Garrett <mjg@redhat.com>	2012-11-01 10:31:14 -0400
committer	Matthew Garrett <mjg@redhat.com>	2012-11-01 10:31:14 -0400
commit	058c0368adf2de0369be090a0996785e55ce1477 (patch)
tree	bb963e379a088ea46bdf26f223a3c9963a74e669 /shim.c
parent	6f1616265333a7f9b611f7c7ea7f6e0a3054806d (diff)
download	efi-boot-shim-058c0368adf2de0369be090a0996785e55ce1477.tar.gz efi-boot-shim-058c0368adf2de0369be090a0996785e55ce1477.zip