Some fields in structure 'CertCtx' might be used uninitialized in function Pkcs7GetCertificatesList().
This commit makes sure that 'CertCtx' gets initialized before being used. Cc: Long Qin <[email protected]> Cc: Ye Ting <[email protected]> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <[email protected]> --- CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c index 559610d..efa3796 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c @@ -10,7 +10,7 @@ WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated Variable and will do basic check for data structure. -Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -489,6 +489,8 @@ Pkcs7GetCertificatesList ( OldBuf = NULL; Signers = NULL; + ZeroMem (&CertCtx, sizeof (CertCtx)); + // // Parameter Checking // -- 1.9.5.msysgit.0 _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
