Add some security check.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9934 6f19259b-4bc3-4df7-8a09-765794883524

2 files changed, 3 insertions, 0 deletions

diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c b/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c
index 8a53c63a50..02684e46ca 100644
--- a/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c
+++ b/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c
@@ -1505,6 +1505,7 @@ ParseOpCodes (
       //

       // Now we know the Storage width of nested Ordered List

       //

+      ASSERT (CurrentStatement != NULL);

       if ((CurrentStatement->Operand == EFI_IFR_ORDERED_LIST_OP) && (CurrentStatement->BufferValue == NULL)) {

         Width = 1;

         switch (CurrentOption->Value.Type) {

diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
index ab98ada1c8..81de737a03 100644
--- a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
+++ b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
@@ -1138,11 +1138,13 @@ GetQuestionValue (
       //

       CopyMem (Dst, Storage->EditBuffer + Question->VarStoreInfo.VarOffset, StorageWidth);

     } else {

+      Value = NULL;

       Status = GetValueByName (Storage, Question->VariableName, &Value);

       if (EFI_ERROR (Status)) {

         return Status;

       }

 

+      ASSERT (Value != NULL);

       LengthStr = StrLen (Value);

       Status    = EFI_SUCCESS;

       if (IsString) {