From 86d91f44548371b1f2f8f13f8cf8e5531d5d682a Mon Sep 17 00:00:00 2001
From: Oliver Smith-Denny <osde@microsoft.com>
Date: Thu, 3 Oct 2024 10:28:47 -0700
Subject: [PATCH] ShellPkg: UefiShellLevel1CommandsLib: CodeQL Fixes

Includes changes across the module for the following CodeQL rules:
 - cpp/comparison-with-wider-type
 - cpp/overflow-buffer
 - cpp/redundant-null-check-param
 - cpp/uselesstest

Co-authored-by: Taylor Beebe <taylor.d.beebe@gmail.com>

Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
---
 .../Library/UefiShellLevel1CommandsLib/For.c    |  9 ++++++++-
 .../Library/UefiShellLevel1CommandsLib/Goto.c   |  5 +++++
 .../Library/UefiShellLevel1CommandsLib/If.c     | 17 ++++++++++++++++-
 .../Library/UefiShellLevel1CommandsLib/Shift.c  |  5 ++++-
 4 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/ShellPkg/Library/UefiShellLevel1CommandsLib/For.c b/ShellPkg/Library/UefiShellLevel1CommandsLib/For.c
index 8a6a940f28..40bb3d59b5 100644
--- a/ShellPkg/Library/UefiShellLevel1CommandsLib/For.c
+++ b/ShellPkg/Library/UefiShellLevel1CommandsLib/For.c
@@ -334,7 +334,10 @@ ShellCommandRunFor (
   }
 
   CurrentScriptFile = ShellCommandGetCurrentScriptFile ();
-  ASSERT (CurrentScriptFile != NULL);
+  if (CurrentScriptFile == NULL) {
+    ASSERT (CurrentScriptFile != NULL);
+    return (SHELL_INVALID_PARAMETER);
+  }
 
   if ((CurrentScriptFile->CurrentCommand != NULL) && (CurrentScriptFile->CurrentCommand->Data == NULL)) {
     FirstPass = TRUE;
@@ -687,6 +690,10 @@ ShellCommandRunFor (
       }
 
       TempString = AllocateZeroPool (50*sizeof (CHAR16));
+      if (TempString == NULL) {
+        return (SHELL_OUT_OF_RESOURCES);
+      }
+
       UnicodeSPrint (TempString, 50*sizeof (CHAR16), L"%d", Info->Current);
       InternalUpdateAliasOnList (Info->ReplacementName, TempString, &CurrentScriptFile->SubstList);
       FreePool (TempString);
diff --git a/ShellPkg/Library/UefiShellLevel1CommandsLib/Goto.c b/ShellPkg/Library/UefiShellLevel1CommandsLib/Goto.c
index c0b9a010a7..1773f6a751 100644
--- a/ShellPkg/Library/UefiShellLevel1CommandsLib/Goto.c
+++ b/ShellPkg/Library/UefiShellLevel1CommandsLib/Goto.c
@@ -71,6 +71,11 @@ ShellCommandRunGoto (
       ASSERT ((CompareString == NULL && Size == 0) || (CompareString != NULL));
       CompareString = StrnCatGrow (&CompareString, &Size, L":", 0);
       CompareString = StrnCatGrow (&CompareString, &Size, ShellCommandLineGetRawValue (Package, 1), 0);
+      if (CompareString == NULL) {
+        ShellCommandLineFreeVarList (Package);
+        return SHELL_OUT_OF_RESOURCES;
+      }
+
       //
       // Check forwards and then backwards for a label...
       //
diff --git a/ShellPkg/Library/UefiShellLevel1CommandsLib/If.c b/ShellPkg/Library/UefiShellLevel1CommandsLib/If.c
index b4a6966edb..f1953a75d2 100644
--- a/ShellPkg/Library/UefiShellLevel1CommandsLib/If.c
+++ b/ShellPkg/Library/UefiShellLevel1CommandsLib/If.c
@@ -99,7 +99,11 @@ IsValidProfile (
   CONST CHAR16  *TempLocation;
 
   ProfilesString = ShellGetEnvironmentVariable (L"profiles");
-  ASSERT (ProfilesString != NULL);
+  if (ProfilesString == NULL) {
+    ASSERT (ProfilesString != NULL);
+    return (FALSE);
+  }
+
   TempLocation = StrStr (ProfilesString, String);
   if ((TempLocation != NULL) && (*(TempLocation-1) == L';') && (*(TempLocation+StrLen (String)) == L';')) {
     return (TRUE);
@@ -895,6 +899,10 @@ ShellCommandRunIf (
   // Make sure that an End exists.
   //
   CurrentScriptFile = ShellCommandGetCurrentScriptFile ();
+  if (CurrentScriptFile == NULL) {
+    return (SHELL_INVALID_PARAMETER);
+  }
+
   if (!MoveToTag (GetNextNode, L"endif", L"if", NULL, CurrentScriptFile, TRUE, TRUE, FALSE)) {
     ShellPrintHiiEx (
       -1,
@@ -1076,6 +1084,9 @@ ShellCommandRunElse (
   }
 
   CurrentScriptFile = ShellCommandGetCurrentScriptFile ();
+  if (CurrentScriptFile == NULL) {
+    return (SHELL_INVALID_PARAMETER);
+  }
 
   if (!MoveToTag (GetPreviousNode, L"if", L"endif", NULL, CurrentScriptFile, FALSE, TRUE, FALSE)) {
     ShellPrintHiiEx (
@@ -1158,6 +1169,10 @@ ShellCommandRunEndIf (
   }
 
   CurrentScriptFile = ShellCommandGetCurrentScriptFile ();
+  if (CurrentScriptFile == NULL) {
+    return (SHELL_INVALID_PARAMETER);
+  }
+
   if (!MoveToTag (GetPreviousNode, L"if", L"endif", NULL, CurrentScriptFile, FALSE, TRUE, FALSE)) {
     ShellPrintHiiEx (
       -1,
diff --git a/ShellPkg/Library/UefiShellLevel1CommandsLib/Shift.c b/ShellPkg/Library/UefiShellLevel1CommandsLib/Shift.c
index 4c0debea3f..d550682421 100644
--- a/ShellPkg/Library/UefiShellLevel1CommandsLib/Shift.c
+++ b/ShellPkg/Library/UefiShellLevel1CommandsLib/Shift.c
@@ -35,7 +35,10 @@ ShellCommandRunShift (
   }
 
   CurrentScriptFile = ShellCommandGetCurrentScriptFile ();
-  ASSERT (CurrentScriptFile != NULL);
+  if (CurrentScriptFile == NULL) {
+    ASSERT (CurrentScriptFile != NULL);
+    return (SHELL_INVALID_PARAMETER);
+  }
 
   if (CurrentScriptFile->Argc < 2) {
     ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_GEN_TOO_FEW), gShellLevel1HiiHandle, L"shift");