FmpDevicePkg/FmpDxe: Improve handling of XDR certs The current implementation for XDR certificate handling assumes the PublicKeyDataXdr buffer is 4-byte aligned. This is not always the case. For example, if PublicKeyDataXdr=0x02, and the length is 0x05, the correct offset should be 0x2 + align_up(0x5, 4) -> 0x2 + 0x8 = 0xA. The current logic produces align_up(0x2 + 0x5, 4) -> align_up(0x7, 4) = 0x8. Signed-off-by: Antaeus Kleinert-Strand <antklein@microsoft.com>

commit: 17691a2641c2715fc1196aa1b0fe85b85db6c240 [log] [tgz]
author: Antaeus Kleinert-Strand <antklein@microsoft.com> Thu Sep 18 01:51:18 2025 +0000
committer: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Wed Sep 24 00:02:41 2025 +0000
tree: bc74c9b8ec36bddc433ed908782fede774ac8cf0
parent: 18d053d6828ca308824bd64ddea04de789d97edb [diff]
diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.c b/FmpDevicePkg/FmpDxe/FmpDxe.c
index ae37d3f..3850e8a 100644
--- a/FmpDevicePkg/FmpDxe/FmpDxe.c
+++ b/FmpDevicePkg/FmpDxe/FmpDxe.c

@@ -923,8 +923,7 @@
         break;

       }

 

-      PublicKeyDataXdr += PublicKeyDataLength;

-      PublicKeyDataXdr  = (UINT8 *)ALIGN_POINTER (PublicKeyDataXdr, sizeof (UINT32));

+      PublicKeyDataXdr += ALIGN_VALUE (PublicKeyDataLength, 4);

     }

   }
commit	17691a2641c2715fc1196aa1b0fe85b85db6c240	[log] [tgz]
author	Antaeus Kleinert-Strand <antklein@microsoft.com>	Thu Sep 18 01:51:18 2025 +0000
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	Wed Sep 24 00:02:41 2025 +0000
tree	bc74c9b8ec36bddc433ed908782fede774ac8cf0
parent	18d053d6828ca308824bd64ddea04de789d97edb [diff]