This patch is to fix one dereferenced pointer issue in new
Pkcs7GetAttachedContent API, and add the memory allocation
failure check.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.l...@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index b8cfa42..d0b0c83 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -719,11 +719,6 @@ Pkcs7GetAttachedContent (
   CONST UINT8        *Temp;
   ASN1_OCTET_STRING  *OctStr;
 
-  *Content   = NULL;
-  Pkcs7      = NULL;
-  SignedData = NULL;
-  OctStr     = NULL;
-
   //
   // Check input parameter.
   //
@@ -731,6 +726,11 @@ Pkcs7GetAttachedContent (
     return FALSE;
   }
 
+  *Content   = NULL;
+  Pkcs7      = NULL;
+  SignedData = NULL;
+  OctStr     = NULL;
+
   Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, 
&SignedDataSize);
   if (!Status || (SignedDataSize > INT_MAX)) {
     goto _Exit;
@@ -771,6 +771,10 @@ Pkcs7GetAttachedContent (
     if ((OctStr->length > 0) && (OctStr->data != NULL)) {
       *ContentSize = OctStr->length;
       *Content     = malloc (*ContentSize);
+      if (*Content == NULL) {
+        *ContentSize = 0;
+        goto _Exit;
+      }
       CopyMem (*Content, OctStr->data, *ContentSize);
     }
   }
-- 
1.9.5.msysgit.1


------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel

Reply via email to