diff options
| author | Qin Long <qin.long@intel.com> | 2014-12-03 07:40:32 +0000 |
|---|---|---|
| committer | qlong <qlong@Edk2> | 2014-12-03 07:40:32 +0000 |
| commit | 7e0699c06e985c2e5067e6ca93f1c2db863f1760 (patch) | |
| tree | 11d6604a7cae5823f72949d8e987d6475ed978f0 /SecurityPkg | |
| parent | 2aa580be6549536d7a6c57f73f928a69124fe679 (diff) | |
| download | edk2-platforms-7e0699c06e985c2e5067e6ca93f1c2db863f1760.tar.xz | |
Code clean-up to eliminate potential "dereferenced pointer" warning.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16468 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg')
| -rw-r--r-- | SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 37 |
1 files changed, 20 insertions, 17 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index c3793b9429..0243eb8c06 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -860,6 +860,7 @@ IsCertHashFoundInDatabase ( HashAlg = HASHALG_MAX;
ASSERT (RevocationTime != NULL);
+ ASSERT (DbxList != NULL);
while ((DbxSize > 0) && (SignatureListSize >= DbxList->SignatureListSize)) {
//
@@ -1132,15 +1133,16 @@ PassTimestampCheck ( //
DbtDataSize = 0;
Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, NULL);
- if (Status == EFI_BUFFER_TOO_SMALL) {
- DbtData = (UINT8 *) AllocateZeroPool (DbtDataSize);
- if (DbtData == NULL) {
- goto Done;
- }
- Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *) DbtData);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
+ if (Status != EFI_BUFFER_TOO_SMALL) {
+ goto Done;
+ }
+ DbtData = (UINT8 *) AllocateZeroPool (DbtDataSize);
+ if (DbtData == NULL) {
+ goto Done;
+ }
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *) DbtData);
+ if (EFI_ERROR (Status)) {
+ goto Done;
}
CertList = (EFI_SIGNATURE_LIST *) DbtData;
@@ -1229,14 +1231,15 @@ IsForbiddenByDbx ( //
DataSize = 0;
Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
- if (Status == EFI_BUFFER_TOO_SMALL) {
- Data = (UINT8 *) AllocateZeroPool (DataSize);
- if (Data == NULL) {
- return IsForbidden;
- }
-
- Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *) Data);
+ if (Status != EFI_BUFFER_TOO_SMALL) {
+ return IsForbidden;
+ }
+ Data = (UINT8 *) AllocateZeroPool (DataSize);
+ if (Data == NULL) {
+ return IsForbidden;
}
+
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *) Data);
if (EFI_ERROR (Status)) {
return IsForbidden;
}
@@ -1254,7 +1257,7 @@ IsForbiddenByDbx ( // UINT8 Certn[];
//
Pkcs7GetSigners (AuthData, AuthDataSize, &CertBuffer, &BufferLength, &TrustedCert, &TrustedCertLength);
- if (BufferLength == 0) {
+ if ((BufferLength == 0) || (CertBuffer == NULL)) {
IsForbidden = TRUE;
goto Done;
}
|