From 7e0699c06e985c2e5067e6ca93f1c2db863f1760 Mon Sep 17 00:00:00 2001 From: Qin Long Date: Wed, 3 Dec 2014 07:40:32 +0000 Subject: [PATCH] Code clean-up to eliminate potential "dereferenced pointer" warning. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long Reviewed-by: Guo Dong Reviewed-by: Eric Dong git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16468 6f19259b-4bc3-4df7-8a09-765794883524 --- .../DxeImageVerificationLib.c | 37 ++++++++++--------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index c3793b9429..0243eb8c06 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -860,6 +860,7 @@ IsCertHashFoundInDatabase ( HashAlg = HASHALG_MAX; ASSERT (RevocationTime != NULL); + ASSERT (DbxList != NULL); while ((DbxSize > 0) && (SignatureListSize >= DbxList->SignatureListSize)) { // @@ -1132,15 +1133,16 @@ PassTimestampCheck ( // DbtDataSize = 0; Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, NULL); - if (Status == EFI_BUFFER_TOO_SMALL) { - DbtData = (UINT8 *) AllocateZeroPool (DbtDataSize); - if (DbtData == NULL) { - goto Done; - } - Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *) DbtData); - if (EFI_ERROR (Status)) { - goto Done; - } + if (Status != EFI_BUFFER_TOO_SMALL) { + goto Done; + } + DbtData = (UINT8 *) AllocateZeroPool (DbtDataSize); + if (DbtData == NULL) { + goto Done; + } + Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *) DbtData); + if (EFI_ERROR (Status)) { + goto Done; } CertList = (EFI_SIGNATURE_LIST *) DbtData; @@ -1229,14 +1231,15 @@ IsForbiddenByDbx ( // DataSize = 0; Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL); - if (Status == EFI_BUFFER_TOO_SMALL) { - Data = (UINT8 *) AllocateZeroPool (DataSize); - if (Data == NULL) { - return IsForbidden; - } - - Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *) Data); + if (Status != EFI_BUFFER_TOO_SMALL) { + return IsForbidden; } + Data = (UINT8 *) AllocateZeroPool (DataSize); + if (Data == NULL) { + return IsForbidden; + } + + Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *) Data); if (EFI_ERROR (Status)) { return IsForbidden; } @@ -1254,7 +1257,7 @@ IsForbiddenByDbx ( // UINT8 Certn[]; // Pkcs7GetSigners (AuthData, AuthDataSize, &CertBuffer, &BufferLength, &TrustedCert, &TrustedCertLength); - if (BufferLength == 0) { + if ((BufferLength == 0) || (CertBuffer == NULL)) { IsForbidden = TRUE; goto Done; }