summaryrefslogtreecommitdiffstats
path: root/CryptoPkg
diff options
context:
space:
mode:
authorQin Long <qin.long@intel.com>2015-06-30 03:27:23 +0000
committerqlong <qlong@Edk2>2015-06-30 03:27:23 +0000
commit2aabd14630762198fe36856d4cdb65abac29b14e (patch)
tree2de41549d593add6b5b583e8e57282db6dc2462f /CryptoPkg
parente75390f02971bcd4d67a9696508050bee4936a01 (diff)
downloadedk2-2aabd14630762198fe36856d4cdb65abac29b14e.tar.gz
edk2-2aabd14630762198fe36856d4cdb65abac29b14e.tar.bz2
edk2-2aabd14630762198fe36856d4cdb65abac29b14e.zip
CryptoPkg: Fix the dereferenced pointer issue
This patch is to fix one dereferenced pointer issue in new Pkcs7GetAttachedContent API, and add the memory allocation failure check. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long <qin.long@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17731 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'CryptoPkg')
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index b8cfa4286d..d0b0c838b8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -719,11 +719,6 @@ Pkcs7GetAttachedContent (
CONST UINT8 *Temp;
ASN1_OCTET_STRING *OctStr;
- *Content = NULL;
- Pkcs7 = NULL;
- SignedData = NULL;
- OctStr = NULL;
-
//
// Check input parameter.
//
@@ -731,6 +726,11 @@ Pkcs7GetAttachedContent (
return FALSE;
}
+ *Content = NULL;
+ Pkcs7 = NULL;
+ SignedData = NULL;
+ OctStr = NULL;
+
Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
if (!Status || (SignedDataSize > INT_MAX)) {
goto _Exit;
@@ -771,6 +771,10 @@ Pkcs7GetAttachedContent (
if ((OctStr->length > 0) && (OctStr->data != NULL)) {
*ContentSize = OctStr->length;
*Content = malloc (*ContentSize);
+ if (*Content == NULL) {
+ *ContentSize = 0;
+ goto _Exit;
+ }
CopyMem (*Content, OctStr->data, *ContentSize);
}
}