Code clean-up to eliminate potential "dereferenced pointer" warning.

Contributed-under: TianoCore Contribution Agreement 1.0

Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16468 6f19259b-4bc3-4df7-8a09-765794883524

diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index c3793b94293602f22dd5a6cf9c424630e3063241..0243eb8c0604605127d282c7779384626570df1b 100644 (file)
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -860,6 +860,7 @@ IsCertHashFoundInDatabase (
   HashAlg  = HASHALG_MAX;\r
 \r
   ASSERT (RevocationTime != NULL);\r
+  ASSERT (DbxList != NULL);\r
 \r
   while ((DbxSize > 0) && (SignatureListSize >= DbxList->SignatureListSize)) {\r
     //\r
@@ -1132,15 +1133,16 @@ PassTimestampCheck (
   //\r
   DbtDataSize = 0;\r
   Status   = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, NULL);\r
-  if (Status == EFI_BUFFER_TOO_SMALL) {\r
-    DbtData = (UINT8 *) AllocateZeroPool (DbtDataSize);\r
-    if (DbtData == NULL) {\r
-      goto Done;\r
-    }\r
-    Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *) DbtData);\r
-    if (EFI_ERROR (Status)) {\r
-      goto Done;\r
-    }\r
+  if (Status != EFI_BUFFER_TOO_SMALL) {\r
+    goto Done;\r
+  }\r
+  DbtData = (UINT8 *) AllocateZeroPool (DbtDataSize);\r
+  if (DbtData == NULL) {\r
+    goto Done;\r
+  }\r
+  Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *) DbtData);\r
+  if (EFI_ERROR (Status)) {\r
+    goto Done;\r
   }\r
 \r
   CertList = (EFI_SIGNATURE_LIST *) DbtData;\r
@@ -1229,14 +1231,15 @@ IsForbiddenByDbx (
   //\r
   DataSize = 0;\r
   Status   = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);\r
-  if (Status == EFI_BUFFER_TOO_SMALL) {\r
-    Data = (UINT8 *) AllocateZeroPool (DataSize);\r
-    if (Data == NULL) {\r
-      return IsForbidden;\r
-    }\r
-\r
-    Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *) Data);\r
+  if (Status != EFI_BUFFER_TOO_SMALL) {\r
+    return IsForbidden;\r
+  }\r
+  Data = (UINT8 *) AllocateZeroPool (DataSize);\r
+  if (Data == NULL) {\r
+    return IsForbidden;\r
   }\r
+\r
+  Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *) Data);\r
   if (EFI_ERROR (Status)) {\r
     return IsForbidden;\r
   }\r
@@ -1254,7 +1257,7 @@ IsForbiddenByDbx (
   //       UINT8  Certn[];\r
   //\r
   Pkcs7GetSigners (AuthData, AuthDataSize, &CertBuffer, &BufferLength, &TrustedCert, &TrustedCertLength);\r
-  if (BufferLength == 0) {\r
+  if ((BufferLength == 0) || (CertBuffer == NULL)) {\r
     IsForbidden = TRUE;\r
     goto Done;\r
   }\r