From: Long Qin Date: Fri, 19 May 2017 07:22:10 +0000 (+0800) Subject: CryptoPkg/BaseCryptLib: Add NULL pointer checks in DH and P7Verify X-Git-Tag: edk2-stable201903~4007 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=a9fb7b7803763e045bd626ec7df3ce4900e3e927;hp=112f4ada2e6bf606d28c5c9a0fe7c5357d85092d CryptoPkg/BaseCryptLib: Add NULL pointer checks in DH and P7Verify Add more NULL pointer checks before using them in DhGenerateKey and Pkcs7GetCertificatesList functions to eliminate possible dereferenced pointer issue. Cc: Ting Ye Cc: Hao Wu Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long Reviewed-by: Hao Wu Reviewed-by: Ting Ye --- diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c index f44684f907..391efd5c14 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c @@ -232,7 +232,9 @@ DhGenerateKey ( return FALSE; } - BN_bn2bin (DhPubKey, PublicKey); + if (PublicKey != NULL) { + BN_bn2bin (DhPubKey, PublicKey); + } *PublicKeySize = Size; } diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c index 45d5df5e11..d564591cb7 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c @@ -558,7 +558,9 @@ Pkcs7GetCertificatesList ( } } CtxUntrusted = X509_STORE_CTX_get0_untrusted (CertCtx); - (VOID)sk_X509_delete_ptr (CtxUntrusted, Signer); + if (CtxUntrusted != NULL) { + (VOID)sk_X509_delete_ptr (CtxUntrusted, Signer); + } // // Build certificates stack chained from Signer's certificate. @@ -711,8 +713,10 @@ _Error: } sk_X509_free (Signers); - X509_STORE_CTX_cleanup (CertCtx); - X509_STORE_CTX_free (CertCtx); + if (CertCtx != NULL) { + X509_STORE_CTX_cleanup (CertCtx); + X509_STORE_CTX_free (CertCtx); + } if (SingleCert != NULL) { free (SingleCert);