EFI_SIGNATURE_LIST *CACert;\r
EFI_SIGNATURE_DATA *CACertData;\r
VOID *Data;\r
+ VOID *CurrentData;\r
UINTN DataSize;\r
UINTN SigDataSize;\r
UINT32 Attr;\r
CACert = NULL;\r
CACertData = NULL;\r
Data = NULL;\r
+ CurrentData = NULL;\r
Attr = 0;\r
\r
Status = ReadFileContent (\r
Status = gRT->GetVariable(\r
VariableName,\r
&gEfiTlsCaCertificateGuid,\r
- &Attr,\r
+ NULL,\r
&DataSize,\r
NULL\r
);\r
if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ //\r
+ // Per spec, we have to fetch the variable's contents, even though we're\r
+ // only interested in the variable's attributes.\r
+ //\r
+ CurrentData = AllocatePool (DataSize);\r
+ if (CurrentData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+ Status = gRT->GetVariable(\r
+ VariableName,\r
+ &gEfiTlsCaCertificateGuid,\r
+ &Attr,\r
+ &DataSize,\r
+ CurrentData\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
Attr |= EFI_VARIABLE_APPEND_WRITE;\r
} else if (Status == EFI_NOT_FOUND) {\r
Attr = TLS_AUTH_CONFIG_VAR_BASE_ATTR;\r
FreePool (Data);\r
}\r
\r
+ if (CurrentData != NULL) {\r
+ FreePool (CurrentData);\r
+ }\r
+\r
if (X509Data != NULL) {\r
FreePool (X509Data);\r
}\r